CVE-2026-36606

Vulnerability

A hardcoded DES key is used to encrypt configuration backups in Mercusys AC12G (EU) V1 routers, specifically with firmware versions AC12G(EU)_V1_200909 and AC12G(EU)_V1_210128. The encryption uses single DES in ECB mode with a 56-bit effective key strength and a 16-byte header. This vulnerability stems from the use of a hard-coded cryptographic key [1].

Exploitation

An attacker needs to obtain a configuration backup file from the affected device. Once the file is acquired, the attacker can decrypt it by skipping the 16-byte header and applying DES-ECB decryption using the known hardcoded key (0x478DA50BF9E3D2CF). The encryption pipeline involves proprietary TP-Link LZ compression before DES-ECB encryption [1].

Impact

Successful exploitation allows an attacker to recover all stored credentials from the decrypted configuration backup. This includes the administrator password, WiFi WPA2 pre-shared keys for both 2.4GHz and 5GHz bands, PPPoE username and password, DDNS credentials, and guest network credentials. Although obtaining the backup file requires authentication, the weak encryption provides no real protection once the file is in possession of an attacker [1].

Mitigation

This vulnerability affects Mercusys AC12G (EU) V1 routers, which are considered end-of-life, and no fix is planned. The DES encryption is cryptographically weak and the hardcoded key is publicly known and shared across multiple TP-Link and Mercusys firmware versions [1].