Lucene search
K

24 matches found

GithubExploit
GithubExploit
added 2026/03/06 4:26 p.m.261 views

Exploit for Path Traversal in Tp-Link Tapo_C260_Firmware

Tapo C260 RCE Chain CVE-2026-0651 / CVE-2026-0652 / CVE-2026-...

8.8CVSS5.9AI score0.22757EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.6 views

CVE-2026-0651

A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...

7.8CVSS5.9AI score0.00303EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.4 views

CVE-2026-0653

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

7.2CVSS5.8AI score0.00386EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.5 views

CVE-2026-0652

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.8CVSS6.1AI score0.22757EPSS
Exploits2References1
OSV
OSV
added 2026/02/10 6:16 p.m.2 views

CVE-2026-0653

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

6.5CVSS5.8AI score
Exploits0References4
NVD
NVD
added 2026/02/10 6:16 p.m.9 views

CVE-2026-0653

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

7.2CVSS0.00386EPSS
Exploits2References4
NVD
NVD
added 2026/02/10 6:16 p.m.8 views

CVE-2026-0652

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.8CVSS0.22757EPSS
Exploits2References3
OSV
OSV
added 2026/02/10 6:16 p.m.6 views

CVE-2026-0652

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.8CVSS6.1AI score0.22757EPSS
Exploits2References3
NVD
NVD
added 2026/02/10 6:16 p.m.6 views

CVE-2026-0651

A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...

7.8CVSS0.00303EPSS
Exploits2References6
CVE
CVE
added 2026/02/10 5:27 p.m.27 views

CVE-2026-0651

CVE-2026-0651 is a path traversal vulnerability in TP-Link Tapo C260 v1, D235 v1, and C520WS v2.6 where the HTTP server mishandles GET paths: it normalizes paths, but if decoding of URL-encoded input fails it falls back to the raw path, enabling crafted URL-encoded traversal sequences to escape t...

7.8CVSS5.9AI score0.00303EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2026/02/10 5:27 p.m.29 views

CVE-2026-0651 Path Traversal on TP-Link Tapo D235 and C260 via Local https

A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...

6.9CVSS0.00303EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2026/02/10 5:27 p.m.2 views

CVE-2026-0651 Path Traversal on TP-Link Tapo D235 and C260 via Local https

A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...

6.9CVSS5.9AI score0.00303EPSS
Exploits2References6
Cvelist
Cvelist
added 2026/02/10 5:27 p.m.29 views

CVE-2026-0652 Remote Code Execution on TP-Link Tapo C260 by Guest User

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.7CVSS0.22757EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2026/02/10 5:27 p.m.4 views

CVE-2026-0652 Remote Code Execution on TP-Link Tapo C260 by Guest User

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.7CVSS6.1AI score0.22757EPSS
Exploits2References3
CVE
CVE
added 2026/02/10 5:27 p.m.23 views

CVE-2026-0652

CVE-2026-0652 affects TP-Link Tapo C260 v1. The vulnerability is a command-injection flaw caused by improper sanitization of certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands, leading to high impact on confidentiality, in...

8.8CVSS6.1AI score0.22757EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2026/02/10 5:27 p.m.28 views

CVE-2026-0653 Insecure Access Control on TP-Link Tapo D235 and C260

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

7.2CVSS0.00386EPSS
Exploits2References4
CVE
CVE
added 2026/02/10 5:27 p.m.23 views

CVE-2026-0653

CVE-2026-0653 affects TP-Link Tapo C260 v1 and D235 v1. A guest-level authenticated user can bypass access controls by sending crafted requests to a synchronization endpoint, enabling modification of protected device settings with limited privileges. Root cause: insufficient access control leadin...

7.2CVSS5.8AI score0.00386EPSS
Exploits2References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:27 p.m.3 views

CVE-2026-0653

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

7.2CVSS5.8AI score0.00386EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/02/10 5:27 p.m.8 views

CVE-2026-0653 Insecure Access Control on TP-Link Tapo D235 and C260

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

7.2CVSS5.8AI score0.00386EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.11 views

PT-2026-7324

Name of the Vulnerable Software and Affected Versions TP-Link Tapo C260 version 1 Description A guest-level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited...

7.2CVSS5.8AI score0.00386EPSS
Exploits2References8
Rows per page
Query Builder