← Back

CVE-2026-22220

nvd nist
Published: Feb 3, 2026Modified: Feb 13, 2026

JSON object

Loading...
6.8
Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: f23511db-6c3e-4e32-a477-6aa17d310630 (Secondary)

Description

A lack of proper input validation in the HTTP processing path in TP-Link Archer BE230 v1.2 (web modules) may allow a crafted request to cause the device’s web service to become unresponsive, resulting in a denial of service condition. A network adjacent attacker with high privileges could cause the device’s web interface to temporarily stop responding until it recovers or is rebooted. This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420.

Affected (1)

Tp Link
1 product
Archer Be230 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Archer Be230 Firmware
Before 1.2.4
Running on/withPlatform Versions
Tp Link
Archer Be230
Version 1.20

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: f23511db-6c3e-4e32-a477-6aa17d310630
Product
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Product
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Product
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Vendor Advisory

Timeline

No history available yet.