CVE-2026-0654 | TP-Link Deco BE25 up to 1.1.1 Administration Web Interface os command injection
A vulnerability, which was classified as critical, has been found in TP-Link Deco BE25 up to 1.1.1. This affects an unknown function of the component Administration Web Interface. This manipulation causes os command injection.
This vulnerability appears as CVE-2026-0654. The attacker needs to be present on the local network. There is no available exploit.