NULL Pointer Dereference Vulnerability in TP-Link Archer BE400
CVE-2025-14631
7.1HIGH
What is CVE-2025-14631?
A NULL Pointer Dereference vulnerability in the TP-Link Archer BE400 V1 affects the 802.11 modules, allowing adjacent attackers to initiate a denial-of-service (DoS) attack, which results in the device unexpectedly rebooting. This vulnerability primarily impacts the Archer BE400 in version xi 1.1.0 Build 20250710 rel.14914, posing significant risks to device availability and functionality.
Affected Version(s)
Archer BE400 0 <= 1.1.0 Build 20250710 rel.14914
References
CVSS V4
Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Kari Hulkko of Black Duck Cybersecurity Research Center (CyRC)