Is Command Injection affected by CVE-2026-0631?

A HIGH severity command injection vulnerability affects TP-Link Archer BE230 routers with VPN modules, allowing authenticated users with network access to execute arbitrary code and potentially compromise network security.

CVE-2026-0631

Q: How to fix CVE-2026-0631?

Within 24 hours: Identify all TP-Link Archer BE230 v1.2 devices in inventory and restrict VPN module access to trusted administrators only. Within 7 days: Apply the available vendor patch to all affected devices and verify successful deployment. Within 30 days: Conduct network access audit and implement enhanced monitoring on patched devices to detect exploitation attempts.

HIGH

2026-02-02 f23511db-6c3e-4e32-a477-6aa17d310630

8.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:01 vuln.today

Patch Released

Feb 06, 2026 - 18:36 nvd

Patch available

CVE Published

Feb 02, 2026 - 18:16 nvd

HIGH 8.0

Description

An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability. This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID.This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420.

Analysis

Authenticated attackers on the same network segment can inject arbitrary OS commands into TP-Link Archer BE230 firmware versions before 1.2.4 Build 20251218, achieving full device compromise including administrative control. This command injection vulnerability in the VPN modules allows attackers to manipulate device configuration, disrupt network security, and disable services with high severity impact. …

Remediation

Within 24 hours: Identify all TP-Link Archer BE230 v1.2 devices in inventory and restrict VPN module access to trusted administrators only. Within 7 days: Apply the available vendor patch to all affected devices and verify successful deployment. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +40

POC: 0

CVE-2026-0631 vulnerability details – vuln.today

Back

CVE-2026-0631

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-0631

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code