VYPR

Archer C50&A5

by TP-Link

CVEs (8)

  • CVE-2023-32619HigSep 6, 2023
    risk 0.57cvss 8.8epss 0.00

    Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary…

  • CVE-2024-54126HigDec 5, 2024
    risk 0.55cvss epss 0.00

    This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading…

  • CVE-2020-9375HigMar 25, 2020
    risk 0.54cvss 7.5epss 0.28

    TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.

  • CVE-2023-31188HigSep 6, 2023
    risk 0.52cvss 8.0epss 0.00

    Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer…

  • CVE-2022-33087HigJun 30, 2022
    risk 0.49cvss 7.5epss 0.01

    A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

  • CVE-2025-6982MedJul 16, 2025
    risk 0.45cvss epss 0.00

    Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= 200407 ), and C20 V5 (<US_V5_260419 or <EU_V5_260317) allows attackers to decrypt the config.xml files.

  • CVE-2023-0936MedFeb 21, 2023
    risk 0.42cvss 6.5epss 0.01

    A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the…

  • CVE-2024-54127MedDec 5, 2024
    risk 0.28cvss epss 0.00

    This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this…