Command Injection Vulnerability in Archer VPN Connection Service
CVE-2026-22225
8.5 HIGH
Key Information:
- Vendor: TP-Link Systems Inc.
- CVE Published: 2 February 2026
What is CVE-2026-22225?
A command injection vulnerability exists in the VPN Connection Service of the TP-Link Archer BE230 device. This flaw can be exploited post-authentication, enabling attackers to take full administrative control over the device. The exploitation of this vulnerability could lead to significant risks, including compromising configuration integrity, undermining network security, and causing disruptions in service availability. Immediate action is advised for users operating on affected firmware versions to ensure their devices remain secure.
Affected Version(s)
Archer AX53 v1.0 0
Archer BE230 v1.2 0 < 1.2.4 Build 20251218 rel.70420
