CVE-2026-22221
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-02-02

Last updated on: 2026-02-06

Assigner: TPLink

Description
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability. This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID.This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-02
Last Modified
2026-02-06
Generated
2026-05-27
AI Q&A
2026-02-02
EPSS Evaluated
2026-05-25
NVD
CVE-2026-22221
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tp-link archer_be230_firmware to 1.2.4 (exc)
tp-link archer_be230 1.20
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-22221 is an OS Command Injection vulnerability in the VPN Modules of the TP-Link Archer BE230 router version 1.2 prior to firmware 1.2.4. It allows an adjacent authenticated attacker with high privileges to execute arbitrary operating system commands on the device. Successful exploitation can lead to full administrative control of the router, compromising its configuration integrity, network security, and service availability. [1]


How can this vulnerability impact me? :

This vulnerability can severely impact you by allowing an attacker to gain full administrative control over your TP-Link Archer BE230 router. This means the attacker could alter device configurations, disrupt network security, and affect the availability of network services, potentially leading to a complete compromise of your network environment. [1]


What immediate steps should I take to mitigate this vulnerability?

Users should immediately update the TP-Link Archer BE230 router firmware to version 1.2.4 Build 20251218 rel.70420 or later, as this update fixes the OS command injection vulnerability in the VPN modules. It is recommended to download the firmware only from the official TP-Link website corresponding to the purchase region, verify the hardware version before upgrading, use a wired connection during the upgrade to avoid disconnections, avoid powering off the device during the process, and stop all internet applications or disconnect the internet line during the upgrade to ensure a successful update. [1, 2, 3]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The vulnerability allows an authenticated attacker to gain full administrative control of the TP-Link Archer BE230 device, severely compromising configuration integrity, network security, and service availability.

Such a compromise could lead to unauthorized access to sensitive data or disruption of network services, which may negatively impact compliance with common standards and regulations like GDPR and HIPAA that require protection of data confidentiality, integrity, and availability.

However, the provided information does not explicitly state the direct effects on compliance with these standards or regulations.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart