Sumin Kim

**Name of the Vulnerable Software and Affected Versions** TP-Link Tapo C200 v5 **Description** A stack-based buffer overflow exists in the RTSP authentication handling due to improper validation of the `Authorization` header field lengths. This issue can be triggered by a crafted authentication request, causing the RTSP core service process to crash and triggering an automatic system reboot. This results in a denial of service (DoS) condition, which prevents legitimate users from accessing the camera's live video stream or management interface until the service restarts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.