CVE-2026-11834

June 22, 2026, 9:16 p.m.

8.7
High

Description

A command injection vulnerability has been identified in the DHCP option processing logic in multiple TP-Link router models, due to insufficient validation of externally supplied DHCP option data. An adjacent attacker may exploit this vulnerability by supplying crafted DHCP responses, potentially resulting in unauthorized command execution during device initialization or provisioning workflows. This typically occurs when the device is in a factory-default or unconfigured state. Successful exploitation may allow an adjacent, unauthenticated attacker to execute arbitrary commands with elevated privileges, potentially leading to full compromise of the affected device and unauthorized administrative control.

Product(s) Impacted

Vendor Product Versions
Tp-link
  • Router
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a tp-link router / / / / / / / /

References

https://www.tp-link.com/en/support/download/archer-c20/
https://www.tp-link.com/en/support/download/archer-mr200/#Firmware
https://www.tp-link.com/en/support/download/archer-mr402/#Firmware
https://www.tp-link.com/en/support/download/archer-vr2100/#Firmware
https://www.tp-link.com/en/support/download/tl-mr6400/v7/#Firmware
https://www.tp-link.com/us/support/download/archer-c20/
https://www.tp-link.com/us/support/faq/5141/

Tags

CWE-78
f23511db-6c3e-4e32-a477-6aa17d310630
2026-06-22
CVE-2026-11834

CVSS Score

8.7 / 10

CVSS Data - 4.0

  • Attack Vector: ADJACENT
  • Attack Complexity: LOW
  • Attack Requirements: NONE
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope:
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH
  • Exploit Maturity: NOT_DEFINED

    • CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    View Vector String

Timeline

Published: June 22, 2026, 7:16 p.m.
Last Modified: June 22, 2026, 9:16 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

f23511db-6c3e-4e32-a477-6aa17d310630

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.