CVE•Published 2026-04-16•Modified 2026-05-06•1 article on news•5 live references•NVD data

CVE-2026-5363Tp-link · Archer_c7_firmware

Vulnerability data via NVD (ingested)

CVSS v3.1

8.8

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS percentile

Exploit Prediction Scoring System · top 100% of all CVEs

Weaknesses (CWE)

CWE-326Inadequate Encryption Strength

Description

Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation. The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login. An adjacent attacker with the ability to intercept network traffic could potentially perform a brute-force or factorization attack against the 1024-bit RSA key to recover the plaintext administrator password, leading to unauthorized access and compromise of the device configuration. This issue affects Archer C7: through Build 20220715.

Timeline

Published 2026-04-16

Modified 2026-05-06

External references

NVD MITRE Exploit-DB Sploitus VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2026-5363

Hosts Shodan has explicitly fingerprinted as vulnerable.

Shodan · OS

os:"Archer C7 Firmware"

Hosts Shodan identified as running Archer C7 Firmware.

More intel sources (5)

Shodan report

vuln:CVE-2026-5363

Country / ASN / product breakdown for the vuln query.

Censys

vulnerabilities.cve_id: CVE-2026-5363