7.1
CVE-2026-12760
- EPSS 0.22%
- Veröffentlicht 24.06.2026 18:10:49
- Zuletzt bearbeitet 29.06.2026 16:17:25
- Quelle f23511db-6c3e-4e32-a477-6aa17d
- CVE-Watchlists
- Unerledigt
Denial-of-Service Vulnerability via Malformed IPv4 Fragmentation Handling in TP-Link Tapo C200
A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to instability of the device.Successful exploitation can remotely trigger a temporary denial-of-service condition, causing the camera to become unresponsive and resulting in intermittent loss of video monitoring and recording.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tp-link ≫ Tapo C200 Firmware Version1.3.3 Updatebuild_230228
Tp-link ≫ Tapo C200 Firmware Version1.3.4 Updatebuild_230424
Tp-link ≫ Tapo C200 Firmware Version1.3.5 Updatebuild_230717
Tp-link ≫ Tapo C200 Firmware Version1.3.7 Updatebuild_230920
Tp-link ≫ Tapo C200 Firmware Version1.3.9 Updatebuild_231019
Tp-link ≫ Tapo C200 Firmware Version1.3.11 Updatebuild_231115
Tp-link ≫ Tapo C200 Firmware Version1.3.13 Updatebuild_240327
Tp-link ≫ Tapo C200 Firmware Version1.3.14 Updatebuild_240513
Tp-link ≫ Tapo C200 Firmware Version1.3.15 Updatebuild_240715
Tp-link ≫ Tapo C200 Firmware Version1.4.1 Updatebuild_241212
Tp-link ≫ Tapo C200 Firmware Version1.4.2 Updatebuild_250313
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.127 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| f23511db-6c3e-4e32-a477-6aa17d310630 | 7.1 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
https://www.tp-link.com/us/support/download/tapo-c200/v3/#Firmware-Release-Notes
https://www.tp-link.com/en/support/download/tapo-c200/v3/#Firmware-Release-Notes
https://www.tp-link.com/us/support/faq/5143/