{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22228", "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "state": "PUBLISHED", "assignerShortName": "TPLink", "dateReserved": "2026-01-06T18:18:52.127Z", "datePublished": "2026-02-03T17:20:34.537Z", "dateUpdated": "2026-02-04T18:28:42.403Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["web"], "product": "Archer BE230 v1.2", "vendor": "TP-Link Systems Inc.", "versions": [{"lessThan": "1.2.4 Build 20251218 rel.70420", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "0xakm"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An authenticated user with high privileges may trigger a denial\u2011of\u2011service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore normal operation.<br>This issue affects Archer BE230 v1.2 &lt; 1.2.4 Build 20251218 rel.70420.\n\n<p></p>"}], "value": "An authenticated user with high privileges may trigger a denial\u2011of\u2011service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore normal operation.\nThis issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420."}], "impacts": [{"capecId": "CAPEC-469", "descriptions": [{"lang": "en", "value": "CAPEC-469 HTTP DoS"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 6.8, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "shortName": "TPLink", "dateUpdated": "2026-02-03T17:20:34.537Z"}, "references": [{"tags": ["patch"], "url": "https://www.tp-link.com/us/support/download/archer-be230/v1.20/#Firmware"}, {"tags": ["patch"], "url": "https://www.tp-link.com/en/support/download/archer-be230/v1.20/#Firmware"}, {"tags": ["patch"], "url": "https://www.tp-link.com/sg/support/download/archer-be230/v1.20/#Firmware"}, {"tags": ["vendor-advisory"], "url": "https://www.tp-link.com/us/support/faq/4941/"}], "source": {"discovery": "UNKNOWN"}, "title": "Improper Input Validation Leading to DoS on TP-Link Archer BE230", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-04T18:27:53.729113Z", "id": "CVE-2026-22228", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T18:28:42.403Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22228", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-04T18:27:53.729113Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T18:28:33.143Z"}}], "cna": {"title": "Improper Input Validation Leading to DoS on TP-Link Archer BE230", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "0xakm"}], "impacts": [{"capecId": "CAPEC-469", "descriptions": [{"lang": "en", "value": "CAPEC-469 HTTP DoS"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "TP-Link Systems Inc.", "modules": ["web"], "product": "Archer BE230 v1.2", "versions": [{"status": "affected", "version": "0", "lessThan": "1.2.4 Build 20251218 rel.70420", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.tp-link.com/us/support/download/archer-be230/v1.20/#Firmware", "tags": ["patch"]}, {"url": "https://www.tp-link.com/en/support/download/archer-be230/v1.20/#Firmware", "tags": ["patch"]}, {"url": "https://www.tp-link.com/sg/support/download/archer-be230/v1.20/#Firmware", "tags": ["patch"]}, {"url": "https://www.tp-link.com/us/support/faq/4941/", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "An authenticated user with high privileges may trigger a denial\u2011of\u2011service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore normal operation.\nThis issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420.", "supportingMedia": [{"type": "text/html", "value": "An authenticated user with high privileges may trigger a denial\u2011of\u2011service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore normal operation.<br>This issue affects Archer BE230 v1.2 &lt; 1.2.4 Build 20251218 rel.70420.\n\n<p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "shortName": "TPLink", "dateUpdated": "2026-02-03T17:20:34.537Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22228", "state": "PUBLISHED", "dateUpdated": "2026-02-04T18:28:42.403Z", "dateReserved": "2026-01-06T18:18:52.127Z", "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "datePublished": "2026-02-03T17:20:34.537Z", "assignerShortName": "TPLink"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:archer_be230_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5BA03F6-BE09-4124-9B70-32BE881EDB09", "versionEndExcluding": "1.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:archer_be230:1.20:*:*:*:*:*:*:*", "matchCriteriaId": "2619D728-00BA-47E8-AC08-F682A7E82578", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An authenticated user with high privileges may trigger a denial\u2011of\u2011service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore normal operation.\nThis issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420."}], "id": "CVE-2026-22228", "lastModified": "2026-02-13T19:25:43.203", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary"}]}, "published": "2026-02-03T18:16:19.227", "references": [{"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Product"], "url": "https://www.tp-link.com/en/support/download/archer-be230/v1.20/#Firmware"}, {"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Product"], "url": "https://www.tp-link.com/sg/support/download/archer-be230/v1.20/#Firmware"}, {"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Product"], "url": "https://www.tp-link.com/us/support/download/archer-be230/v1.20/#Firmware"}, {"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Vendor Advisory"], "url": "https://www.tp-link.com/us/support/faq/4941/"}], "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T18:35:17.532593+00:00", "value": {"mitigation_remediation": ["Download and install firmware version 1.2.4 or newer from the TP\u2011Link support site, then apply the update through the router\u2019s web interface.", "Reboot the router after the firmware installation.", "If an update is not immediately available, monitor TP\u2011Link\u2019s support site for the latest firmware releases that address this vulnerability and apply the update promptly when it becomes available."], "summary": {"action": "Patch Firmware", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "TP\u2011Link Archer BE230 devices running firmware before version\u00a01.2.4 Build\u00a020251218 rel.70420 are vulnerable. Any device operating on firmware images older than this build, such as the v1.2 series, must be addressed.", "description_and_impact": "An authenticated user with high privileges can trigger a denial\u2011of\u2011service on TP\u2011Link Archer BE230 by restoring a configuration file that contains an excessively long parameter. The restoration overflows internal buffers, rendering the router unresponsive until it is rebooted. The flaw is an input\u2011validation vulnerability, classified as CWE\u2011400, and limits availability to the affected device during the unresponsive period.", "risk_and_exploitability": "The CVSS score of 6.8 places this vulnerability in the Medium severity range, while the EPSS score of less than\u00a01% signals a very low current exploitation probability. It is not listed in the CISA KEV catalog. Exploitation requires authenticated access with administrative privileges, implying an internal or compromised configuration model rather than an unauthenticated network attack. The risk therefore concentrates on environments where privileged users can upload configuration files to an unpatched router."}}}}, "created": "2026-02-04T12:09:36.274065+00:00", "updated": "2026-04-18T18:45:05.749933+00:00", "vendors": ["tp-link", "tp-link$PRODUCT$archer_be230"]}