CVE-2026-30814

Published: Apr 08, 2026 Last Modified: Apr 14, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,3
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Attack Vector: adjacent
Attack Complexity: high
Privileges Required: high
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
HIGH 8,0
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow arbitrary code execution, enabling modification of device state, exposure of sensitive data, or further compromise of device integrity.

This issue affects AX53 v1.0: before 1.7.1 Build 20260213.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0002
Percentile
0,0th
Updated

EPSS Score Trend (Last 8 Days)

121

Stack-based Buffer Overflow

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality Access Control Other
Potential Impacts:
Modify Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Other
Applicable Platforms
Languages: C, C++, Memory-Unsafe
Likelihood of Exploit: High
View CWE Details
787

Out-of-bounds Write

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
Operating System

Archer Ax53 Firmware by Tp-Link

Product Information
Vendor Tp-Link
Product Archer Ax53 Firmware
Version Range Affected
To 1.7.1 (exclusive)
cpe:2.3:o:tp-link:archer_ax53_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://talosintelligence.com/vulnerability_reports/
https://talosintelligence.com/vulnerability_reports/
https://www.tp-link.com/en/support/download/archer-ax53/v1/…
https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/my/support/download/archer-ax53/v1/…
https://www.tp-link.com/my/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/us/support/faq/5055/
https://www.tp-link.com/us/support/faq/5055/