CVE-2026-5363: CWE-326: Inadequate Encryption Strength in TP-Link Systems Inc. Archer C7 v5 and v5.8
CVE-2026-5363 is a medium-severity vulnerability affecting TP-Link Archer C7 v5 and v5. 8 routers through build 20220715. The vulnerability arises from the use of inadequate encryption strength, specifically RSA-1024, to encrypt the admin password client-side before transmission during login. An adjacent attacker capable of intercepting network traffic could attempt to brute-force or factor the RSA-1024 key to recover the plaintext administrator password. This could lead to unauthorized access and compromise of the device configuration. No official patch or remediation guidance is currently available from the vendor. The vulnerability does not affect cloud services and no known exploits are reported in the wild.
AI Analysis
Technical Summary
This vulnerability involves the use of RSA-1024 encryption in the uhttpd modules of TP-Link Archer C7 v5 and v5.8 routers to protect the admin password during login. RSA-1024 is considered weak by modern cryptographic standards and susceptible to factorization attacks. An attacker with network adjacency and interception capability could exploit this weakness to recover the administrator password by breaking the RSA encryption. The affected versions include builds through 20220715. The CVSS 4.0 score is 5.4 (medium severity), reflecting the attack vector as adjacent network with high attack complexity and partial impact on confidentiality. No vendor advisory or patch information is currently provided, and no known exploits have been observed.
Potential Impact
Successful exploitation could allow an adjacent attacker to recover the plaintext administrator password by breaking the RSA-1024 encryption protecting the password during login. This would enable unauthorized access to the router's administrative interface and potentially full compromise of device configuration. The impact is limited to devices running affected firmware versions and requires network adjacency and interception capability. There is no indication of impact on availability or integrity beyond administrative access.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should limit network adjacency exposure by restricting access to the router's management interface and avoid using vulnerable firmware versions. Monitoring for vendor updates is recommended.
CVE-2026-5363: CWE-326: Inadequate Encryption Strength in TP-Link Systems Inc. Archer C7 v5 and v5.8
Description
CVE-2026-5363 is a medium-severity vulnerability affecting TP-Link Archer C7 v5 and v5. 8 routers through build 20220715. The vulnerability arises from the use of inadequate encryption strength, specifically RSA-1024, to encrypt the admin password client-side before transmission during login. An adjacent attacker capable of intercepting network traffic could attempt to brute-force or factor the RSA-1024 key to recover the plaintext administrator password. This could lead to unauthorized access and compromise of the device configuration. No official patch or remediation guidance is currently available from the vendor. The vulnerability does not affect cloud services and no known exploits are reported in the wild.
CVSS v4.0
Score 5.4medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves the use of RSA-1024 encryption in the uhttpd modules of TP-Link Archer C7 v5 and v5.8 routers to protect the admin password during login. RSA-1024 is considered weak by modern cryptographic standards and susceptible to factorization attacks. An attacker with network adjacency and interception capability could exploit this weakness to recover the administrator password by breaking the RSA encryption. The affected versions include builds through 20220715. The CVSS 4.0 score is 5.4 (medium severity), reflecting the attack vector as adjacent network with high attack complexity and partial impact on confidentiality. No vendor advisory or patch information is currently provided, and no known exploits have been observed.
Potential Impact
Successful exploitation could allow an adjacent attacker to recover the plaintext administrator password by breaking the RSA-1024 encryption protecting the password during login. This would enable unauthorized access to the router's administrative interface and potentially full compromise of device configuration. The impact is limited to devices running affected firmware versions and requires network adjacency and interception capability. There is no indication of impact on availability or integrity beyond administrative access.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should limit network adjacency exposure by restricting access to the router's management interface and avoid using vulnerable firmware versions. Monitoring for vendor updates is recommended.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- TPLink
- Date Reserved
- 2026-04-01T17:38:27.536Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e0271282d89c981fac389c
Added to database: 4/16/2026, 12:02:26 AM
Last enriched: 4/24/2026, 4:23:02 PM
Last updated: 5/30/2026, 7:59:02 PM
Views: 88
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.