VYPR
Unrated severityNVD Advisory· Published Jan 27, 2026· Updated Jan 27, 2026

Unauthenticated Denial of Service via Firmware Update Endpoint on TP-Link Tapo C220 & C520WS

CVE-2026-1315

Description

By sending crafted files to the firmware update endpoint of Tapo C220 v1 and C520WS v2, the device terminates core system services before verifying authentication or firmware integrity. An unauthenticated attacker can trigger a persistent denial of service, requiring a manual reboot or application initiated restart to restore normal device operation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.