TP-Link Archer BE230 Command Injection Vulnerability via Crafted VPN Client Configuration File
Vulnerability
A command injection vulnerability has been identified in the TP-Link Archer BE230 router, specifically in version 1.2 prior to 1.2.4 Build 20251218 rel.70420. The vulnerability can be exploited by importing a specially crafted VPN client configuration file after the admin has authenticated. Successful exploitation may allow an attacker to gain full administrative control of the device, severely compromising the integrity of the device's configuration, network security, and availability of services.
Impact
Exploitation of this vulnerability could lead to full administrative access on the device, allowing for unauthorized changes to the device's configuration, potential misuse of network resources, and disruption of services.
Remediation
Users are advised to update to the latest firmware version. The updated firmware can be downloaded from the official TP-Link website for the appropriate region. For users in the US, the firmware is available on the TP-Link US support page for the Archer BE230. Users in other regions can check their respective TP-Link regional websites.
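To find devices that still need the update, the following added example (not TP-Link's code) compares reported firmware strings against the fixed build named above. It assumes every inventory entry is an Archer BE230 in the version line this advisory covers and that firmware strings follow the same format as the fixed-build string; the hostnames and the non-fixed firmware values are constructed.

```python
import re

# Fixed build taken from the advisory text.
FIXED_BUILD = "1.2.4 Build 20251218 rel.70420"

# Assumed format: "<major>.<minor>.<patch> Build <YYYYMMDD> rel.<number>",
# the same shape as the fixed-build string quoted in the advisory.
_FW_RE = re.compile(
    r"^\s*(\d+)\.(\d+)\.(\d+)\s+Build\s+(\d{8})\s+rel\.(\d+)\s*$",
    re.IGNORECASE,
)


def parse_firmware(text):
    """Return (major, minor, patch, build_date, rel) or None if unparsable."""
    m = _FW_RE.match(text or "")
    if m is None:
        return None
    return tuple(int(g) for g in m.groups())


def classify(firmware):
    """'vulnerable' if older than the fixed build, 'patched' if not,
    'unknown' when the string cannot be parsed and needs a manual check."""
    parsed = parse_firmware(firmware)
    if parsed is None:
        return "unknown"
    return "vulnerable" if parsed < parse_firmware(FIXED_BUILD) else "patched"


def audit(inventory):
    """Map each hostname to its status."""
    return {host: classify(fw) for host, fw in inventory.items()}


# Constructed sample inventory (hypothetical hosts and firmware strings).
SAMPLE_INVENTORY = {
    "branch-01": "1.2.3 Build 20250910 rel.11111",  # older version number
    "branch-02": "1.2.4 Build 20251218 rel.70420",  # the fixed build itself
    "branch-03": "1.2.4 Build 20251101 rel.50000",  # same version, earlier build
    "branch-04": "n/a",                             # device did not report a version
    "branch-05": "1.2.5 Build 20260301 rel.12345",  # newer than the fix
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Entries reported as `unknown` should be checked by hand rather than assumed patched.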
