Lucene search
K

73 matches found

NVD
NVD
added 2026/06/24 7:17 p.m.8 views

CVE-2026-12760

A denial-of-service DoS vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to instability of the...

7.1CVSS0.00222EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 6:10 p.m.8 views

CVE-2026-12760

The CVE-2026-12760 vulnerability affects TP-Link Tapo C200 (v3) in the network packet handling path. It arises from improper handling of IPv4 fragmented packets, allowing an unauthenticated adjacent attacker to send crafted fragments to cause excessive resource usage, leading to a temporary DoS c...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52038

Name of the Vulnerable Software and Affected Versions Tapo C200 v3 Description A denial-of-service DoS issue exists in the network packet handling logic due to improper processing of IPv4 fragmented packets. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/06/11 6:5 p.m.66 views

Exploit for Command Injection in Tp-Link Tapo_C200_Firmware

🔍 CVE-2021-4045: Vulnerabilidad de Inyección de Comandos en...

10CVSS8AI score0.72843EPSS
Exploits10
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS5.9AI score0.00305EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 4:13 p.m.34 views

CVE-2026-1871

CVE-2026-1871 affects TP-Link Tapo C200 v5. The issue is a stack-based buffer overflow in the RTSP authentication handling caused by improper validation of Authorization header lengths. Exploitation triggers a crash of the RTSP core service and an automatic system reboot, resulting in a DoS that ...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/02 4:13 p.m.12 views

EUVD-2026-33978

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/02 4:13 p.m.6 views

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/02 4:13 p.m.9 views

CVE-2026-1871 Authenticated Stack-based Buffer Overflow in RTSP Authentication of Tapo C200

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-45796

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.5 views

TP-Link Tapo C200 安全漏洞

The TP-Link Tapo C200 is a webcam device produced by TP-Link Corporation. The TP-Link Tapo C200 v5 version has a security vulnerability. This vulnerability stems from an improper validation of the length of the Authorization header field during RTSP authentication processing. This can lead to a...

7.1CVSS5.6AI score0.00305EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/22 1:35 p.m.7 views

CVE-2025-8065

A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP reque...

8.7CVSS6.8AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/22 1:35 p.m.5 views

CVE-2025-14300

The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service DoS...

8.7CVSS6.7AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/22 1:35 p.m.6 views

CVE-2025-14299

The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...

7.1CVSS6.8AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/20 3:31 a.m.5 views

EUVD-2025-204619

The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service DoS...

8.7CVSS6.2AI score0.00304EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/20 3:31 a.m.8 views

EUVD-2025-204621

A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. An unauthenticated attacker on the same local network segment can send specially crafted SOAP XML requests, causing memory overflow and device crash, resulting in denial-of-service DoS...

7.1CVSS6.8AI score0.00475EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/20 3:31 a.m.10 views

EUVD-2025-204620

The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...

7.1CVSS6.3AI score0.00224EPSS
Exploits0References3
NVD
NVD
added 2025/12/20 1:16 a.m.11 views

CVE-2025-8065

A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP reque...

8.7CVSS0.00475EPSS
Exploits0References5
OSV
OSV
added 2025/12/20 1:16 a.m.3 views

CVE-2025-8065

A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. An unauthenticated attacker on the same local network segment can send specially crafted SOAP XML requests, causing memory overflow and device crash, resulting in denial-of-service DoS...

6.5CVSS6AI score
Exploits0References2
OSV
OSV
added 2025/12/20 1:16 a.m.4 views

CVE-2025-14300

The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service DoS...

8.1CVSS5.8AI score0.00304EPSS
Exploits0References2
Rows per page
Query Builder