What is GHSA-x4px-5wq7-9jm8?

GHSA-x4px-5wq7-9jm8 is a security advisory published by GitHub Security Advisories with High severity. An authentication logic vulnerability in multiple TP-Link range extenders allows an...

Which CVE IDs does GHSA-x4px-5wq7-9jm8 cover?

GHSA-x4px-5wq7-9jm8 covers the following CVE IDs: CVE-2026-3294. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-x4px-5wq7-9jm8High

An authentication logic vulnerability in multiple TP-Link range extenders allows an...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2026-3294 →

📋 Description

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation.

Successful exploitation allows an attacker to obtain full administrative control of the affected device, potentially impacting on confidentiality, integrity, and availability.

🔗 References (13)

https://nvd.nist.gov/vuln/detail/CVE-2026-3294
https://www.tp-link.com/en/support/download/re305/v1/#Firmware
https://www.tp-link.com/en/support/download/re360/v1/#Firmware
https://www.tp-link.com/en/support/download/re580d/#Firmware
https://www.tp-link.com/en/support/download/re650/v1/#Firmware
https://www.tp-link.com/en/support/download/tl-wa860re/v4/#Firmware
https://www.tp-link.com/us/support/download/re305/v1/#Firmware
https://www.tp-link.com/us/support/download/re360/v1/#Firmware
https://www.tp-link.com/us/support/download/re580d/#Firmware
https://www.tp-link.com/us/support/download/re650/v1/#Firmware
https://www.tp-link.com/us/support/download/tl-wa860re/v4/#Firmware
https://www.tp-link.com/us/support/faq/5101
https://github.com/advisories/GHSA-x4px-5wq7-9jm8