8.5
CVE-2026-0630: TP-Link Archer BE230: Code Execution by an Adjacent Authenticated Attacker via OS Command Injection
CVE-2026-0630
Summary
An attacker with access to the same network as a TP-Link Archer BE230 router, who has authenticated with the device, can potentially take control of the router, compromising its configuration, network security, and availability. This can happen if the router's software is not updated to at least version 1.2.4 Build 20251218 rel.70420. Users should update their router software to the latest version to prevent this risk.
What to do
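Update the router firmware to a fixed build: 1.2.4 Build 20251218 rel.70420 or later for Archer BE230 v1.2. The description also gives 1.5.3 Build 20260209 rel. 71108 as the fixed build for the Archer AXE75 v1.0. The vendor advisory and firmware download pages are linked in the references below.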
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| tp-link | archer_be230_firmware | < 1.2.4 (`cpe:2.3:o:tp-link:archer_be230_firmware:*:*:*:*:*:*:*:*`) |
Original title
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2 (web modules) and Archer AXE75 v1.0 allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation c...
Original description
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2 (web modules) and Archer AXE75 v1.0 allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability.
This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID. This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420 and Archer AXE v1.0 < 1.5.3 Build 20260209 rel. 71108.
nvd CVSS3.1
8.0
nvd CVSS4.0
8.5
Vulnerability type
CWE-78
OS Command Injection
- https://www.tp-link.com/en/support/download/archer-be230/v1.20/#Firmware Product
- https://www.tp-link.com/sg/support/download/archer-be230/v1.20/#Firmware Product
- https://www.tp-link.com/us/support/download/archer-be230/v1.20/#Firmware Product
- https://www.tp-link.com/us/support/faq/4935/ Vendor Advisory Patch
- https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware
- https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware
Published: 2 Feb 2026 · Updated: 15 Jun 2026 · First seen: 6 Mar 2026