Key Findings TP-Link Archer BE450v1 and BE7200 v1 routers contain authenticated command injection vulnerability tracked as CVE-2026-5509 with CVSS score of 8.5 Successful exploitation grants attackers arbitrary command execution with elevated privileges, enabling full router compromise and sensitive data interception Firmware versions below 1.3.0 Build 20260416 remain vulnerable on both affected models Official patches are available and immediate installation is critical for