Impact
An OS Command Injection flaw in the web modules of TP‑Link Archer BE230 v1.2 and Archer AXE75 v1.0 allows an authenticated user to inject arbitrary operating‑system commands. Successful exploitation can give the attacker full administrative control over the device, enabling configuration tampering, network compromise, and availability disruption. The vulnerability is identified as CWE‑78.
Affected Systems
The vulnerability affects TP‑Link Archer BE230 firmware versions up to but not including 1.2.4 Build 20251218 rel.70420 – specifically versions 1.2.0 through 1.2.3 – and TP‑Link Archer AXE75 firmware versions prior to 1.5.3 Build 20260209 rel.71108. The affected models are the Archer BE230 and the AXE75 series.
Risk and Exploitability
The CVSS score of 8.5 indicates a high severity flaw. The EPSS score of 1 % suggests a low current exploitation likelihood. The attack requires an authenticated session within the router’s web interface, so the main risk is to routers that expose the management interface to local or remote users. The vulnerability is not listed in the CISA KEV catalog. If remote management is enabled or the device is reachable from the broader network, the risk increases, and administrators should consider immediate remediation.
OpenCVE Enrichment