Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/28 9:17 p.m.7 views

CVE-2026-0919

The HTTP parser of Tapo C210 v3, C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can...

7.5CVSS5.4AI score0.00534EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 p.m.9 views

CVE-2026-0918

The Tapo C100 v5, C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated...

7.5CVSS5.3AI score0.00682EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 6:15 p.m.7 views

CVE-2026-0919

The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force...

7.5CVSS5.9AI score0.00534EPSS
Exploits0References5
NVD
NVD
added 2026/01/27 6:15 p.m.10 views

CVE-2026-0919

The HTTP parser of Tapo C210 v3, C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can...

7.5CVSS0.00534EPSS
Exploits0References7
OSV
OSV
added 2026/01/27 6:15 p.m.4 views

CVE-2026-0918

The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated attacker can...

7.5CVSS5.8AI score0.00682EPSS
Exploits0References6
NVD
NVD
added 2026/01/27 6:15 p.m.17 views

CVE-2026-0918

The Tapo C100 v5, C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated...

7.5CVSS0.00682EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/01/27 5:52 p.m.4 views

CVE-2026-0919 Unauthenticated Denial of Service via Oversized URL in HTTP Parser on TP-Link Tapo C210, C220 & C520WS

The HTTP parser of Tapo C210 v3, C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can...

7.1CVSS5.4AI score0.00534EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.10 views

PT-2026-4988

Name of the Vulnerable Software and Affected Versions Tapo C220 version 1 Tapo C520WS version 2 Description The HTTP parser in the cameras does not correctly process requests with very long URL paths. This leads to a crash and service restart due to improper handling of allocated buffers in clean...

7.5CVSS5.7AI score0.00534EPSS
Exploits0References9
NVD
NVD
added 2025/08/14 5:15 p.m.8 views

CVE-2025-55192

HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect users of the Home Assistant integration itself — it only impac...

8.6CVSS0.0032EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.5 views

TP-LINK Tapo 安全漏洞

TP-LINK Tapo is a series of secure WiFi cameras from China P&L TP-LINK. A security vulnerability exists in TP-LINK Tapo versions prior to 3.10.513, which stems from a low battery notification that could lead to a user of a shared device gaining full power settings access...

4.8CVSS6.4AI score0.00127EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.5 views

TP-LINK Tapo 安全漏洞

TP-LINK Tapo is a series of secure WiFi cameras from China P&L TP-LINK. A security vulnerability exists in TP-LINK Tapo versions prior to 3.3.6 and TP-LINK Tether versions prior to 4.5.13, which stems from vulnerability to incorrect server certificate validation attacks...

4.8CVSS5.1AI score0.00217EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/12/28 12:0 a.m.2 views

TP-LINK Tapo Security Breach

TP-LINK Tapo is a series of secure WiFi cameras from the Chinese company TP-LINK. A security vulnerability exists in TP-LINK Tapo versions prior to v3.1.315, which stems from incorrect access control allowing an attacker to access user credentials in plaintext...

6.5CVSS6.7AI score0.00249EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/08/22 12:15 a.m.6 views

CVE-2023-38906

An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message...

6.5CVSS5.8AI score0.00459EPSS
Exploits0References5
Rows per page
Query Builder