CVE-2026-22222
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-02-02
Last updated on: 2026-02-06
Assigner: TPLink
Description
Description
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability.
This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID.This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tp-link | archer_be230_firmware | to 1.2.4 (exc) |
| tp-link | archer_be230 | 1.20 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an OS Command Injection issue in the TP-Link Archer BE230 v1.2 web modules. It allows an adjacent authenticated attacker to execute arbitrary code on the device. Exploiting this vulnerability could give the attacker full administrative control over the device.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability can lead to severe compromise of the device's configuration integrity, network security, and service availability, as the attacker could gain full administrative control of the device.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70