Unrated severityNVD Advisory· Published Feb 3, 2026· Updated Feb 4, 2026

Improper Input Validation Leading to DoS on TP-Link Archer BE230

CVE-2026-22220

Description

A lack of proper input validation in the HTTP processing path in TP-Link Archer BE230 v1.2 (web modules) may allow a crafted request to cause the device’s web service to become unresponsive, resulting in a denial of service condition. A network adjacent attacker with high privileges could cause the device’s web interface to temporarily stop responding until it recovers or is rebooted. This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420.

Affected products

TP-Link/Archer BE230llm-fuzzy
Range: < 1.2.4 Build 20251218 rel.70420
TP-Link Systems Inc./Archer BE230 v1.2v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tp-link.com/en/support/download/archer-be230/v1.20/mitrepatch
www.tp-link.com/sg/support/download/archer-be230/v1.20/mitrepatch
www.tp-link.com/us/support/download/archer-be230/v1.20/mitrepatch
www.tp-link.com/us/support/faq/4941/mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000