diff --git a/src/agent_map.c b/src/agent_map.c
index 882d7760782d67cedb9f5d208ba39b7f584aecb4..048e4453947b465c32d380b41b0e05447bbc30cf 100644
--- a/src/agent_map.c
+++ b/src/agent_map.c
@@ -923,12 +923,6 @@ int handle_ap_autoconfig_response(void *agent, struct cmdu_buff *rx_cmdu)
 {
 	trace("agent: %s: --->\n", __func__);
 	struct agent *a = (struct agent *) agent;
-	struct tlv_policy a_policy[] = {
-		[0] = { .type = TLV_TYPE_SUPPORTED_ROLE, .present = TLV_PRESENT_ONE },
-		[1] = { .type = MAP_TLV_SUPPORTED_SERVICE, .present = TLV_PRESENT_ONE },
-		[2] = { .type = MAP_TLV_MULTIAP_PROFILE, .present = TLV_PRESENT_ONE },
-		[3] = { .type = TLV_TYPE_SUPPORTED_FREQ_BAND, .present = TLV_PRESENT_ONE }
-	};
 	struct wifi_radio_element *radio = NULL;
 	struct tlv *tv[4][16] = {0};
 	bool cntlr = false;
@@ -936,6 +930,11 @@ int handle_ap_autoconfig_response(void *agent, struct cmdu_buff *rx_cmdu)
 	int i;
 	struct cmdu_buff *resp;
 
+	if (!validate_ap_autoconfig_response(rx_cmdu, tv)) {
+		dbg("cmdu validation: [AP_AUTOCONFIG_RESPONSE] failed\n");
+		return -1;
+	}
+
 #ifdef EASYMESH_R2_CERT
 	resp = agent_gen_topology_discovery(a);
 	if (resp) {
@@ -950,11 +949,6 @@ int handle_ap_autoconfig_response(void *agent, struct cmdu_buff *rx_cmdu)
 		return -1;
 	}
 
-	cmdu_parse_tlvs(rx_cmdu, tv, a_policy, 4);
-
-	if (!tv[0][0] || !tv[1][0] || !tv[2][0] || !tv[3][0])
-		return -1;
-
 	/* If MID is not the one we sent, discard response */
 	for (i = 0; i < a->num_radios; i++) {
 		trace("radio %s has mid %d\n", a->radios[i].name, a->radios[i].mid);
diff --git a/src/cmdu_validate.c b/src/cmdu_validate.c
index 9e0bf4aab01106648a3562e0028191cd09f9a08f..843641bed153bca5faf90e404e2fb44d3af89d0e 100644
--- a/src/cmdu_validate.c
+++ b/src/cmdu_validate.c
@@ -103,6 +103,7 @@ bool validate_topology_response(struct cmdu_buff *cmdu, struct tlv *tv[][16])
 			},
 			[6] = { .type = MAP_TLV_SUPPORTED_SERVICE,
 					.present = TLV_PRESENT_ONE,
+					.minlen = 1, /* num of services */
 			},
 			[7] = { .type = MAP_TLV_AP_OPERATIONAL_BSS,
 					.present = TLV_PRESENT_ONE,
@@ -406,7 +407,6 @@ bool validate_ap_autoconfig_search(struct cmdu_buff *cmdu, struct tlv *tv[][16])
 				.maxlen = 1
 		}
 	};
-	//int num = 0;
 	int ret;
 
 	trace("%s |" MACFMT "|CMDU: ap autoconfig search\n",
@@ -535,3 +535,114 @@ bool validate_ap_autoconfig_search(struct cmdu_buff *cmdu, struct tlv *tv[][16])
 
 	return true;
 }
+
+bool validate_ap_autoconfig_response(struct cmdu_buff *cmdu, struct tlv *tv[][16])
+{
+	struct tlv_policy a_policy[] = {
+		[0] = { .type = TLV_TYPE_SUPPORTED_ROLE,
+				.present = TLV_PRESENT_ONE,
+				.minlen = 1, /* tlv_supported_role */
+				.maxlen = 1,
+		},
+		[1] = { .type = MAP_TLV_SUPPORTED_SERVICE,
+				.present = TLV_PRESENT_ONE,
+				.minlen = 1, /* num of services */
+		},
+		[2] = { .type = MAP_TLV_MULTIAP_PROFILE,
+				.present = TLV_PRESENT_ONE,
+				.minlen = 1, /* tlv_map_profile */
+				.maxlen = 1
+		},
+		[3] = { .type = TLV_TYPE_SUPPORTED_FREQ_BAND,
+				.present = TLV_PRESENT_ONE,
+				.minlen = 1, /* tlv_supported_band */
+				.maxlen = 1
+		}
+	};
+	int ret;
+
+	trace("%s |" MACFMT "|CMDU: ap autoconfig response\n",
+		  __func__, MAC2STR(cmdu->origin));
+
+	ret = cmdu_parse_tlvs(cmdu, tv, a_policy, 4);
+	if (ret) {
+		dbg("%s: parse_tlv failed\n", __func__);
+		return false;
+	}
+
+	if (!tv[0][0] || !tv[2][0] || !tv[3][0]) {
+		dbg("%s: Missing one or more mandatory TLV!\n", __func__);
+		return false;
+	}
+
+	/* Parse SupportedRole TLV */
+	if (tv[0][0]) {
+		struct tlv_supported_role *tlv;
+		uint16_t tlv_len = tlv_length(tv[0][0]);
+
+		/* role (1 byte) */
+		if (tlv_len != sizeof(struct tlv_supported_role))
+			return false;
+
+		tlv = (struct tlv_supported_role *)tv[0][0]->data;
+		if (!tlv)
+			return false;
+	}
+
+	/* Parse SupportedService TLV */
+	if (tv[1][0]) {
+		uint8_t *tv_data;
+		uint8_t num_services;
+		int offset = 0;
+		uint16_t tlv_len = tlv_length(tv[1][0]);
+
+		if (tlv_len < 1)
+			return false;
+
+		tv_data = (uint8_t *) tv[1][0]->data;
+		if (!tv_data)
+			return false;
+
+		/* num_services (1 byte) */
+		if (offset + 1 > tlv_len)
+			return false;
+
+		num_services = tv_data[offset];
+
+		offset += 1;
+
+		/* services (num_services bytes) */
+		if (offset + num_services > tlv_len)
+			return false;
+	}
+
+	/* Parse MultiAP Profile TLV */
+	if (tv[2][0]) {
+		struct tlv_map_profile *tlv;
+		uint16_t tlv_len = tlv_length(tv[2][0]);
+
+		/* profile (1 byte) */
+		if (tlv_len != sizeof(struct tlv_map_profile))
+			return false;
+
+		tlv = (struct tlv_map_profile *)tv[2][0]->data;
+		if (!tlv)
+			return false;
+	}
+
+	/* Parse SupportedFreqBand TLV */
+	if (tv[3][0]) {
+		struct tlv_supported_band *tlv;
+		uint16_t tlv_len = tlv_length(tv[3][0]);
+
+		/* band (1 byte) */
+		if (tlv_len != sizeof(struct tlv_supported_band))
+			return false;
+
+		tlv = (struct tlv_supported_band *)tv[3][0]->data;
+		if (!tlv)
+			return false;
+	}
+
+	return true;
+}
diff --git a/src/cmdu_validate.h b/src/cmdu_validate.h
index 26a0acc89304a551da51b39ade35e08e770a9577..bfa5576c9c19c06aebe4fef236e4a2d0580a5a93 100644
--- a/src/cmdu_validate.h
+++ b/src/cmdu_validate.h
@@ -6,5 +6,6 @@ bool validate_channel_scan_request(struct cmdu_buff *cmdu, struct tlv *tv[][16])
 bool validate_topology_response(struct cmdu_buff *cmdu, struct tlv *tv[][16]);
 bool validate_ap_autoconfig_wsc(struct cmdu_buff *cmdu, struct tlv *tv[][16]);
 bool validate_ap_autoconfig_search(struct cmdu_buff *cmdu, struct tlv *tv[][16]);
+bool validate_ap_autoconfig_response(struct cmdu_buff *cmdu, struct tlv *tv[][16]);
 
 #endif	/* CMDU_VALIDATE */