13 matches found
CVE-2026-0919
The HTTP parser of Tapo C210 v3, C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can...
CVE-2026-0918
The Tapo C100 v5, C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated...
CVE-2026-0919
The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force...
CVE-2026-0919
The HTTP parser of Tapo C210 v3, C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can...
CVE-2026-0918
The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated attacker can...
CVE-2026-0918
The Tapo C100 v5, C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated...
CVE-2026-0919 Unauthenticated Denial of Service via Oversized URL in HTTP Parser on TP-Link Tapo C210, C220 & C520WS
The HTTP parser of Tapo C210 v3, C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can...
PT-2026-4988
Name of the Vulnerable Software and Affected Versions Tapo C220 version 1 Tapo C520WS version 2 Description The HTTP parser in the cameras does not correctly process requests with very long URL paths. This leads to a crash and service restart due to improper handling of allocated buffers in clean...
CVE-2025-55192
HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect users of the Home Assistant integration itself — it only impac...
TP-LINK Tapo 安全漏洞
TP-LINK Tapo is a series of secure WiFi cameras from China P&L TP-LINK. A security vulnerability exists in TP-LINK Tapo versions prior to 3.10.513, which stems from a low battery notification that could lead to a user of a shared device gaining full power settings access...
TP-LINK Tapo 安全漏洞
TP-LINK Tapo is a series of secure WiFi cameras from China P&L TP-LINK. A security vulnerability exists in TP-LINK Tapo versions prior to 3.3.6 and TP-LINK Tether versions prior to 4.5.13, which stems from vulnerability to incorrect server certificate validation attacks...
TP-LINK Tapo Security Breach
TP-LINK Tapo is a series of secure WiFi cameras from the Chinese company TP-LINK. A security vulnerability exists in TP-LINK Tapo versions prior to v3.1.315, which stems from incorrect access control allowing an attacker to access user credentials in plaintext...
CVE-2023-38906
An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message...