7.1
CVE-2026-8714
- EPSS 0.21%
- Veröffentlicht 05.06.2026 16:14:28
- Zuletzt bearbeitet 05.06.2026 19:03:48
- Quelle f23511db-6c3e-4e32-a477-6aa17d
- CVE-Watchlists
- Unerledigt
Denial-of-Service Vulnerability in RTSP Input Handling on TP-Link's Tapo C520WS
A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerTP-Link Systems Inc.
≫
Produkt
Tapo C520WS v2
Default Statusunaffected
Version
0
Version <
1.2.6 Build 260528 Rel.60422n
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.106 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| f23511db-6c3e-4e32-a477-6aa17d310630 | 7.1 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://www.tp-link.com/us/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/en/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/faq/5118/