TP-Link Archer BE230 Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in the web modules of the TP-Link Archer BE230 v1.2, in firmware versions prior to 1.2.4 Build 20251218 rel.70420. The issue arises from improper input validation in the HTTP processing path, which may allow a crafted request to disrupt the device's web service. This can cause the web interface to become unresponsive, requiring a reboot to restore normal operation. The vulnerability can be exploited by a network-adjacent attacker with high privileges.
Impact
Exploitation of this vulnerability leads to a temporary denial-of-service condition, causing the device's web interface to stop responding until it is rebooted or recovers on its own.
Remediation
Users are advised to download and update to the latest firmware version. The latest firmware for the Archer BE230 can be downloaded from the TP-Link website, specific to the user's region.
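To find devices that still need the update, the firmware strings in an inventory can be compared against the fixed release named above. The following is an added example, not TP-Link code: it assumes the inventory records firmware in the same "<version> Build <yyyymmdd> rel.<n>" layout the advisory uses, and the device names and sample strings are constructed.

```python
import re

# Fixed release named in the advisory.
FIXED = "1.2.4 Build 20251218 rel.70420"

# Assumption: inventory strings follow the advisory's own layout.
_FW_RE = re.compile(
    r"^\s*(\d+(?:\.\d+)*)\s+Build\s+(\d{8})\s+rel\.(\d+)\s*$", re.IGNORECASE
)


def parse_firmware(fw):
    """Return ((major, minor, ...), build_date, rel) or raise ValueError."""
    m = _FW_RE.match(fw)
    if not m:
        raise ValueError(f"unrecognised firmware string: {fw!r}")
    version = tuple(int(p) for p in m.group(1).split("."))
    return version, int(m.group(2)), int(m.group(3))


def needs_update(fw):
    """True if fw is older than FIXED, ordered by version, then build date.

    The rel number is parsed but not used for ordering, because the page
    does not say how it is assigned.
    """
    return parse_firmware(fw)[:2] < parse_firmware(FIXED)[:2]


def audit(inventory):
    """Sort (name, firmware) pairs into update / ok / review buckets."""
    report = {"update": [], "ok": [], "review": []}
    for name, fw in inventory:
        try:
            key = "update" if needs_update(fw) else "ok"
        except ValueError:
            key = "review"  # unparseable entries need a manual check
        report[key].append(name)
    return report


# Constructed sample inventory (hypothetical device names and builds).
SAMPLE = [
    ("ap-lobby", "1.2.3 Build 20250901 rel.12345"),
    ("ap-lab", "1.2.4 Build 20251218 rel.70420"),
    ("ap-attic", "1.2.4 Build 20251101 rel.50000"),
    ("ap-unknown", "unknown"),
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```
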
