CVE-2026-22229
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-02-02

Last updated on: 2026-03-02

Assigner: TPLink

Description
A command injection vulnerability may be exploited after the admin's authentication via the import of a crafted VPN client configuration file on the TP-Link Archer BE230 v1.2 and Deco BE25 v1.0. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability. This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID. This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420 and Deco BE25Β v1.0: through 1.1.1 Build 20250822.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-02
Last Modified
2026-03-02
Generated
2026-06-16
AI Q&A
2026-02-02
EPSS Evaluated
2026-06-14
NVD
CVE-2026-22229
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tp-link archer_be230_firmware to 1.2.4 (exc)
tp-link archer_be230 1.20
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a command injection flaw in the TP-Link Archer BE230 v1.2 router. It can be exploited after an administrator authenticates by importing a specially crafted VPN client configuration file. Successful exploitation allows an attacker to execute arbitrary OS commands, potentially gaining full administrative control over the device.

Impact Analysis

Exploitation of this vulnerability can lead to an attacker gaining full administrative control of the affected device. This can result in severe compromise of the device's configuration integrity, network security, and availability of services, potentially allowing unauthorized access, disruption, or manipulation of network traffic.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22229. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart