Back

High-Severity Vulnerability Discovered in TP-Link Routers

Severity: High (Score: 64.5)

Sources: Gbhackers, Cybersecuritynews

Published: 2026-06-02 · Updated: 2026-06-02

Keywords: disclosed, high-severity, vulnerability, tp-link, routers, allow, flaw

Severity indicators: vulnerability, flaw, closed

Summary

A high-severity vulnerability, CVE-2026-5509, has been disclosed in TP-Link's Archer BE450 v1 and Archer BE7200 v1 routers. This flaw allows attackers to execute arbitrary system commands if they gain admin access, posing a significant risk to both home and small-office networks. The vulnerability has a CVSS v4.0 score of 8.5, indicating a high level of danger. Users are urged to take immediate action to secure their devices against potential exploitation. The vulnerability was published on May 27, 2026, and affects a wide range of users relying on these router models. No patches or mitigations have been mentioned in the articles as of the publication date. Key Points: • CVE-2026-5509 allows remote command execution on affected TP-Link routers. • The vulnerability affects Archer BE450 v1 and Archer BE7200 v1 models. • Users are advised to secure their devices due to the high CVSS score of 8.5.

Detailed Analysis

**Impact** The vulnerability affects TP-Link Archer BE450 v1 and Archer BE7200 v1 routers. Both consumer and small-office networks using these models are at risk. Successful exploitation could lead to full device compromise, impacting network availability and potentially exposing sensitive data transmitted through the affected routers. No specific geographic or sector data is provided. **Technical Details** The flaw, tracked as CVE-2026-5509 with a CVSS v4.0 score of 8.5, allows remote arbitrary system command execution after an attacker obtains administrative access. The attack vector requires admin credentials, enabling command execution at the system level. No malware, tools, or specific IOCs are mentioned in the sources. **Recommended Response** Apply vendor-issued patches or firmware updates for Archer BE450 v1 and Archer BE7200 v1 routers immediately. Restrict administrative access to trusted networks and enforce strong authentication controls. Monitor router logs for unusual command execution or unauthorized access attempts. No additional detection signatures or IOCs are currently available.

Source articles (2)

  • TP — Gbhackers · 2026-06-02
    TP-Link has disclosed a high-severity security flaw in its Archer BE450 and Archer BE7200 Wi‑Fi routers that could allow remote command execution once an attacker gains admin access. The vulnerability…
  • TP — Cybersecuritynews · 2026-06-02
    A newly disclosed high-severity vulnerability in TP-Link routers could allow attackers to execute arbitrary system commands and fully compromise affected devices. Tracked as CVE-2026-5509, the flaw af…

Timeline

  • 2026-05-27 — CVE-2026-5509 published: TP-Link disclosed a high-severity vulnerability affecting Archer BE450 and BE7200 routers, allowing remote command execution.
  • 2026-05-27 — CVE-2026-5509 published: The vulnerability was assigned a CVSS v4.0 score of 8.5, indicating a high risk.
  • 2026-06-02 — Vulnerability disclosed to public: The security flaw was publicly disclosed, raising awareness among users and security professionals.
  • 2026-06-02 — Vulnerability reported in multiple outlets: Both Cybersecuritynews and Gbhackers reported on the vulnerability, emphasizing its severity.

CVEs

  • CVE-2026-5509

Related entities

  • Zero-day Exploit (Attack Type)
  • TP-Link (Company)
  • TP-Link routers (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed