CVE-2026-0629

Sažetak

Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.

Reference

https://www.tp-link.com/us/support/faq/4906/
https://www.vigi.com/en/support/download/
https://www.vigi.com/in/support/download/
https://www.vigi.com/us/support/download/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

26-01-2026 - 15:05

Objavljeno

16-01-2026 - 18:16