VYPR

Tapo C520ws V2

by TP-Link

CVEs (5)

  • CVE-2026-8714HigJun 5, 2026
    risk 0.46cvss epss 0.00

    A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input.  Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful…

  • CVE-2026-6242MedJun 6, 2026
    risk 0.44cvss epss 0.00

    An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into event subscription requests or…

  • CVE-2026-6241MedJun 6, 2026
    risk 0.44cvss epss 0.00

    An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitization. An attacker can inject format specifiers into ONVIF scope parameters to…

  • CVE-2026-6239MedJun 6, 2026
    risk 0.44cvss epss 0.00

    A stack‑based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where the device fails to properly validate the number of XML user nodes during request processing. An authenticated attacker can send a specially crafted ONVIF request…

  • CVE-2026-1315Jan 27, 2026
    risk 0.00cvss epss 0.01

    By sending crafted files to the firmware update endpoint of Tapo C220 v1 and C520WS v2, the device terminates core system services before verifying authentication or firmware integrity. An unauthenticated attacker can trigger a persistent denial of service, requiring a manual…