Medium severity6.5NVD Advisory· Published Dec 20, 2025· Updated Apr 3, 2026
CVE-2025-8065
CVE-2025-8065
Description
A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP request with an oversized namespace prefix to cause memory corruption in stack.
An unauthenticated attacker on the same local network may exploit this flaw to enable remote code execution with elevated privileges, leading to full compromise of the device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.11:build_231115:*:*:*:*:*:*+ 11 more
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.11:build_231115:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.13:build_240327:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.14:build_240513:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.15:build_240715:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.3:build_230228:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.4:build_230424:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.5:build_230717:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.7:build_230920:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.9:build_231019:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.4.1:build_241212:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.4.2:build_250313:*:*:*:*:*:*
- cpe:2.3:o:tp-link:tapo_c200_firmware:1.4.4:build_250922:*:*:*:*:*:*
- Range: v2.6
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.