Fileread CVE-2026-30817 in TPLink AX53 OpenVPN module before v1.7.1
CVE-2026-30817 Published on April 8, 2026
Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53
An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device, potentially exposing sensitive information.This issue affects AX53 v1.0: before 1.7.1 Build 20260213.
Weakness Type
External Control of System or Configuration Setting
One or more system settings or configuration elements can be externally controlled by a user. Allowing external control of system settings can disrupt service or cause an application to behave in unexpected, and potentially malicious ways.
Affected Versions
TP-Link Systems Inc. AX53 v1.0:- Before 1.7.1 Build 20260213 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.