TP-Link Systems Inc. Tapo C520WS v2.6 vulnerabilities
7 known vulnerabilities affecting tp-link_systems_inc/tapo_c520ws_v2.6.
Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 1, MEDIUM 6
Vulnerabilities
CVE-2026-34121 | P2 | HIGH | CVSS 8.8 | CWE-287 | fixed in 1.2.4 Build 260326 Rel.24666n | 2026-04-02
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an authentication-exempt action to a request containing privileged DS do act
nvd
CVE-2025-8065 | P3 | MEDIUM | CVSS 6.5 | CWE-121 | fixed in 1.2.4 Build 260326 Rel.24666n | 2025-12-20
A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP request with an oversized namespace prefix to cause memory co
nvd
CVE-2026-34118 | P4 | MEDIUM | CVSS 6.5 | CWE-122 | fixed in 1.2.4 Build 260326 Rel.24666n | 2026-04-02
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An attacker on the same network segment could trigger heap mem
nvd
CVE-2026-34119 | P4 | MEDIUM | CVSS 6.5 | CWE-122 | fixed in 1.2.4 Build 260326 Rel.24666n | 2026-04-02
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write-boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An attacker on the same network segment could trigger heap mem
nvd
CVE-2026-34124 | P4 | MEDIUM | CVSS 6.5 | CWE-120 | fixed in 1.2.4 Build 260326 Rel.24666n | 2026-04-02
A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent network may send a crafted HTTP request to cause buffer ov
nvd
CVE-2026-34122 | P4 | MEDIUM | CVSS 6.5 | CWE-121 | fixed in 1.2.4 Build 260326 Rel.24666n | 2026-04-02
A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter, resulting in a stack overflow.
Successful exploitation resu
nvd
CVE-2026-34120 | P4 | MEDIUM | CVSS 6.5 | CWE-122 | fixed in 1.2.4 Build 260326 Rel.24666n | 2026-04-02
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs. An attacker on the same network segment could trigger heap memory corruption conditions by sending craft
nvd