CVE-2026-8714

Sažetak

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.

Reference

https://www.tp-link.com/en/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/faq/5118/

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

19-06-2026 - 03:09

Objavljeno

05-06-2026 - 17:17