PT-2026-4988 · Tapo · Tapo C520Ws+1
Giuseppe Signorelli
·
Publicado
2026-01-27
·
Atualizado
2026-03-12
·
CVE-2026-0919
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Tapo C220 version 1
Tapo C520WS version 2
Description
The HTTP parser in the cameras does not correctly process requests with very long URL paths. This leads to a crash and service restart due to improper handling of allocated buffers in cleanup code. An attacker who does not need to be authenticated can repeatedly crash the service or reboot the device, resulting in a denial of service.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tapo C220
Tapo C520Ws