NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-3294

Summary	An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full administrative control of the affected device, potentially impacting on confidentiality, integrity, and availability.
Publication Date	May 23, 2026, 6:16 a.m.
Registration Date	May 27, 2026, 4:06 a.m.
Last Update	May 23, 2026, 6:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.tp-link.com/en/support/download/re305/v1/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
2	https://www.tp-link.com/en/support/download/re360/v1/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
3	https://www.tp-link.com/en/support/download/re580d/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
4	https://www.tp-link.com/en/support/download/re650/v1/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
5	https://www.tp-link.com/en/support/download/tl-wa860re/v4/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
6	https://www.tp-link.com/us/support/download/re305/v1/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
7	https://www.tp-link.com/us/support/download/re360/v1/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
8	https://www.tp-link.com/us/support/download/re580d/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
9	https://www.tp-link.com/us/support/download/re650/v1/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
10	https://www.tp-link.com/us/support/download/tl-wa860re/v4/#Firmware	f23511db-6c3e-4e32-a477-6aa17d310630
11	https://www.tp-link.com/us/support/faq/5101/	f23511db-6c3e-4e32-a477-6aa17d310630

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html