CVE-2026-9151 | TP-Link Archer AX1300 v1.6 up to 1.6 VPN Module os command injection

June 10, 2026 Yanac

A vulnerability was found in TP-Link Archer AX12 V1, Archer AX18 v1, Archer AX17 v1 and Archer AX1300 v1.6 up to 1.6. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component VPN Module. This manipulation causes os command injection.

The identification of this vulnerability is CVE-2026-9151. The attack needs to be done within the local network. There is no exploit available.VulDB Recent EntriesRead More