tp-link tapo_c200_firmware CVE Vulnerabilities (9)

CVEs: 9 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting tp-link tapo_c200_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 19 of 9 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-12760 A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets.  An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to instability of the device.Successful exploitation can remotely trigger a temporary denial-of-service condition, causing the camera to become unresponsive and resulting in intermittent loss of video monitoring and record f23511db-6c3e-4e32-a477-6aa17d310630 7.1 0.18% 2026-06-24 2026-06-29
CVE-2026-1871 TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to crash and triggers an automatic system reboot, resulting in a denial of service (DoS) condition. This prevents legitimate users from accessing the camera’s live video stream or management interface unti f23511db-6c3e-4e32-a477-6aa17d310630 7.1 0.30% 2026-06-02 2026-06-17
CVE-2025-8065 A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP request with an oversized namespace prefix to cause memory corruption in stack. An unauthenticated attacker on the same local network may exploit this flaw to enable remote code execution with elevated pri f23511db-6c3e-4e32-a477-6aa17d310630 8.7 0.47% 2025-12-19 2026-06-17
CVE-2025-14300 The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS). f23511db-6c3e-4e32-a477-6aa17d310630 8.7 0.30% 2025-12-19 2026-06-17
CVE-2025-14299 The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and resulting in denial-of-service (DoS). f23511db-6c3e-4e32-a477-6aa17d310630 7.1 0.22% 2025-12-19 2026-06-17
CVE-2023-49515 Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components. [email protected] 4.6 0.36% 2024-01-16 2026-06-17
CVE-2023-27126 The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim. [email protected] 4.6 0.42% 2023-06-06 2026-07-05
CVE-2021-4045 TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera. [email protected] 9.8 72.19% 2022-03-10 2026-06-17
CVE-2020-11445 TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855. [email protected] 5.3 1.76% 2020-04-01 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence