TP-Link Deco BE25 allows attackers to read files or crash the system

Summary

An attacker who has a valid login can access and read files they shouldn't be able to, potentially exposing sensitive information. This affects all versions of TP-Link Deco BE25 up to 1.1.1 Build 20250822. Update to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
tp-link	deco_be25_firmware	<= 1.1.1	–

Original title

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TP-Link Deco BE25 v1.0 (web modules) allows authenticated adjacent attacker to read arbitrary files o...

Original description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TP-Link Deco BE25 v1.0 (web modules) allows authenticated adjacent attacker to read arbitrary files or cause denial of service. This issue affects Deco BE25 v1.0: through 1.1.1 Build 20250822.

nvd CVSS3.1 8.0

nvd CVSS4.0 6.9

Vulnerability type

CWE-22 Path Traversal

https://www.tp-link.com/en/support/download/deco-be25/#Firmware Product
https://www.tp-link.com/sg/support/download/deco-be25/#Firmware Product
https://www.tp-link.com/us/support/download/deco-be25/v1/#Firmware Product
https://www.tp-link.com/us/support/faq/4993/ Vendor Advisory