{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5363", "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "state": "PUBLISHED", "assignerShortName": "TPLink", "dateReserved": "2026-04-01T17:38:27.536Z", "datePublished": "2026-04-15T23:45:54.271Z", "dateUpdated": "2026-04-16T23:10:46.170Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "shortName": "TPLink", "dateUpdated": "2026-04-16T23:10:46.170Z"}, "title": "Use of weak cryptographic key in TP-Link Archer C7", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-326", "description": "CWE-326: Inadequate Encryption Strength", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-50", "descriptions": [{"lang": "en", "value": "CAPEC-50 Password Recovery Exploitation"}]}], "affected": [{"vendor": "TP-Link Systems Inc.", "product": "Archer C7 v5 and v5.8", "modules": ["uhttpd"], "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "Build 20220715", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation.\u00a0The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login.\u00a0\nAn adjacent attacker with the ability to intercept network traffic could potentially perform a brute-force or factorization attack against the 1024-bit RSA key to recover the plaintext administrator password, leading to unauthorized access and compromise of the device configuration.\u00a0\u00a0This issue affects Archer C7: through Build 20220715.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation.&nbsp;The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login.&nbsp;\nAn adjacent attacker with the ability to intercept network traffic could potentially perform a brute-force or factorization attack against the 1024-bit RSA key to recover the plaintext administrator password, leading to unauthorized access and compromise of the device configuration.&nbsp;&nbsp;<p>This issue affects Archer C7: through Build 20220715.</p>"}]}], "tags": ["unsupported-when-assigned"], "references": [{"url": "https://www.tp-link.com/us/support/faq/3562/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}], "credits": [{"lang": "en", "value": "S\u00e9rgio Silva (CYBERS3C)", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-16T13:17:25.657073Z", "id": "CVE-2026-5363", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T13:17:48.532Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5363", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-16T13:17:25.657073Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T13:17:41.905Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "Use of weak cryptographic key in TP-Link Archer C7", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "S\u00e9rgio Silva (CYBERS3C)"}], "impacts": [{"capecId": "CAPEC-50", "descriptions": [{"lang": "en", "value": "CAPEC-50 Password Recovery Exploitation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.4, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "TP-Link Systems Inc.", "modules": ["uhttpd"], "product": "Archer C7 v5 and v5.8", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "Build 20220715"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.tp-link.com/us/support/faq/3562/"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation.\u00a0The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login.\u00a0\nAn adjacent attacker with the ability to intercept network traffic could potentially perform a brute-force or factorization attack against the 1024-bit RSA key to recover the plaintext administrator password, leading to unauthorized access and compromise of the device configuration.\u00a0\u00a0This issue affects Archer C7: through Build 20220715.", "supportingMedia": [{"type": "text/html", "value": "Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation.&nbsp;The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login.&nbsp;\nAn adjacent attacker with the ability to intercept network traffic could potentially perform a brute-force or factorization attack against the 1024-bit RSA key to recover the plaintext administrator password, leading to unauthorized access and compromise of the device configuration.&nbsp;&nbsp;<p>This issue affects Archer C7: through Build 20220715.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-326", "description": "CWE-326: Inadequate Encryption Strength"}]}], "providerMetadata": {"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "shortName": "TPLink", "dateUpdated": "2026-04-16T23:10:46.170Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5363", "state": "PUBLISHED", "dateUpdated": "2026-04-16T23:10:46.170Z", "dateReserved": "2026-04-01T17:38:27.536Z", "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "datePublished": "2026-04-15T23:45:54.271Z", "assignerShortName": "TPLink"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C56C283F-CEB9-4DB9-B7F7-3F3C01E8BDDB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:archer_c7:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "33EEE609-7209-4402-995B-A09BCA84C9A6", "vulnerable": false}, {"criteria": "cpe:2.3:h:tp-link:archer_c7:5.80:*:*:*:*:*:*:*", "matchCriteriaId": "351D38AB-71BD-4D45-8F15-BC31E284DCE7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [{"sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation.\u00a0The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login.\u00a0\nAn adjacent attacker with the ability to intercept network traffic could potentially perform a brute-force or factorization attack against the 1024-bit RSA key to recover the plaintext administrator password, leading to unauthorized access and compromise of the device configuration.\u00a0\u00a0This issue affects Archer C7: through Build 20220715."}], "id": "CVE-2026-5363", "lastModified": "2026-05-06T14:08:58.067", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary"}]}, "published": "2026-04-16T00:16:29.547", "references": [{"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Not Applicable"], "url": "https://www.tp-link.com/us/support/faq/3562/"}], "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,Build 20220715]"}}], "enrichment": {"confidence": 85.0, "confidence_source": "inferred", "scores": [{"score": 85.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Archer C7 v5 and v5.8", "source": "cna", "vendor": "TP-Link Systems Inc."}, "product": "archer_c7", "vendor": "tp-link"}], "analysis": {"en": {"generated_at": "2026-04-16T02:14:09.895825+00:00", "value": {"mitigation_remediation": ["Upgrade the router to the latest firmware that removes the weak RSA key from the login process", "If an update is not yet available, disable remote access and ensure the router is accessed only over a secure local connection", "Change the administrator password to a strong, unique value and enforce local password policies"], "summary": {"action": "Apply Firmware Update", "impact": "Unauthorized Access via Password Recovery"}, "threat_synthesis": {"affected_systems": "TP\u2011Link Systems Inc. models Archer C7 running firmware versions 5 and 5.8, up to build 20220715.", "description_and_impact": "The vulnerability arises from the router\u2019s client\u2011side login form encrypting the administrator password with a 1024\u2011bit RSA key before sending it over the network. An attacker who can capture that traffic could use brute\u2011force or factorization techniques to recover the plaintext password, thereby gaining full administrative control and the ability to modify the device\u2019s configuration. The weakness is classified as inadequate encryption strength (CWE\u2011326).", "risk_and_exploitability": "The CVSS base score of 5.4 indicates moderate severity. Exploitability data is not available, and the vulnerability is not currently listed in the CISA KEV catalog. The likely attack vector is a network attacker able to intercept traffic between a legitimate client and the router, which could then mount a brute\u2011force or factorization effort against the weak RSA key. The real\u2011world risk depends on the attacker\u2019s computational resources and whether the router is exposed to untrusted networks."}}}}, "created": "2026-04-16T01:30:20.176410+00:00", "updated": "2026-04-16T02:15:21.323710+00:00", "vendors": ["tp-link", "tp-link$PRODUCT$archer_c7"]}