An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface.  An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences. When processed by the embedded web server, these inputs may cause the device to respond with HTTP 3xx redirects to attacker-controlled external domains. This issue affects Archer AX20 V2.0: through 2.1.9 Build 20230829.
History

Wed, 01 Jul 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 01 Jul 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link archer Ax20
Vendors & Products Tp-link
Tp-link archer Ax20

Tue, 30 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
Description An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface.  An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences. When processed by the embedded web server, these inputs may cause the device to respond with HTTP 3xx redirects to attacker-controlled external domains. This issue affects Archer AX20 V2.0: through 2.1.9 Build 20230829.
Title Unauthenticated Open Redirect Vulnerability on TP-Link Archer AX20 Web Interface
Weaknesses CWE-601
References
Metrics cvssV4_0

{'score': 5.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published: 2026-06-30T20:34:43.577Z

Updated: 2026-07-01T15:38:52.064Z

Reserved: 2026-06-01T15:52:40.939Z

Link: CVE-2026-10562

cve-icon Vulnrichment

Updated: 2026-07-01T15:38:48.582Z

cve-icon NVD

No data.

cve-icon Redhat

No data.