OS Command Injection Vulnerability in Deco BE65 Pro Firmware by TP-Link
CVE-2025-32107
8HIGH
What is CVE-2025-32107?
An OS command injection vulnerability has been identified in the Deco BE65 Pro firmware versions prior to Deco BE65 Pro(JP)_V1_1.1.2 Build 20250123. This flaw allows authenticated users to execute arbitrary OS commands on the device, potentially compromising the security and integrity of the system. Device administrators are advised to upgrade to the latest firmware to mitigate this risk.
Affected Version(s)
Deco BE65 Pro firmware versions prior to "Deco BE65 Pro(JP)_V1_1.1.2 Build 20250123"