TP-Link Archer BE230 Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in the TP-Link Archer BE230 router, specifically in version 1.2 prior to 1.2.4 Build 20251218 rel.70420. This vulnerability allows an authenticated user with high privileges to cause the device to become unresponsive by restoring a crafted configuration file that contains an excessively long parameter. The device requires a reboot to resume normal operation.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition, causing the device to become unresponsive and requiring a manual reboot to restore normal functionality.
Remediation
Users are advised to update to the latest firmware version. The updated firmware can be downloaded from the TP-Link website; be sure to select the appropriate regional site. Instructions for the upgrade process are available on the TP-Link support page.
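To find devices that still need the update, the following added example (not TP-Link code or part of the original advisory) classifies reported firmware strings against the fixed build named above. It assumes devices report firmware in the same layout as the advisory's string, that ordering is by version number and then build date, and that the inventory (constructed sample data) contains only Archer BE230 units in the advisory's scope.

```python
import re

# Fixed firmware named in the advisory.
FIXED = "1.2.4 Build 20251218 rel.70420"

# Assumed layout, modelled on the advisory's string:
#   "<major>.<minor>.<patch> Build <YYYYMMDD> rel.<n>"
_FW_RE = re.compile(
    r"^\s*(\d+)\.(\d+)\.(\d+)\s+Build\s+(\d{8})\s+rel\.(\d+)\s*$", re.IGNORECASE
)

def parse_firmware(text):
    """Return (major, minor, patch, build_date), or None if the string does not parse.

    The rel.<n> field is validated but not used for ordering (assumption:
    it is a release identifier, not a sequence number).
    """
    m = _FW_RE.match(text or "")
    if not m:
        return None
    major, minor, patch, build, _rel = (int(g) for g in m.groups())
    return (major, minor, patch, build)

def classify(text, fixed=FIXED):
    """Return 'vulnerable', 'fixed', or 'unknown' for one firmware string."""
    fw = parse_firmware(text)
    if fw is None:
        return "unknown"  # never assume an unparseable version is patched
    return "vulnerable" if fw < parse_firmware(fixed) else "fixed"

def audit(inventory):
    """Group device names by status; 'unknown' entries need manual review."""
    report = {"vulnerable": [], "fixed": [], "unknown": []}
    for name, firmware in inventory:
        report[classify(firmware)].append(name)
    return report

# Constructed sample inventory (hypothetical device names and versions).
SAMPLE_INVENTORY = [
    ("gw-office", "1.2.4 Build 20251218 rel.70420"),
    ("gw-lab", "1.2.3 Build 20250901 rel.11111"),
    ("gw-branch", "1.2.4 Build 20251101 rel.5000"),
    ("gw-remote", "n/a"),
]

if __name__ == "__main__":
    for status, names in audit(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(names) or '-'}")
```

Devices reported as unknown should be checked by hand rather than treated as patched.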
