PT-2025-16038 · Tp Link · Deco Be65 Pro

Chuya Hayakawa

Published

2025-04-11

Updated

2025-04-16

CVE-2025-32107

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Deco BE65 Pro versions prior to Deco BE65 Pro(JP) V1 1.1.2 Build 20250123

Description: The issue is related to an OS command injection vulnerability. If exploited, it allows a user who can log in to the device to execute an arbitrary OS command.

Recommendations: For versions prior to Deco BE65 Pro(JP) V1 1.1.2 Build 20250123, update to version Deco BE65 Pro(JP) V1 1.1.2 Build 20250123 or later to resolve the issue.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2025-32107

Affected Products

Deco Be65 Pro

PT-2025-16038 · Tp Link · Deco Be65 Pro

CVE-2025-32107

Weakness Enumeration

Related Identifiers

Affected Products

References · 7