Authentication Bypass Vulnerability in TP-Link Tapo C520WS Router
CVE-2026-34121

8.7 HIGH

What is CVE-2026-34121?

An authentication bypass vulnerability has been identified in the HTTP handling of the DS configuration service of the TP-Link Tapo C520WS v2.6. This flaw arises from inconsistent parsing and authorization logic in JSON requests during the authentication process. Consequently, an unauthenticated attacker can exploit this vulnerability by appending an action exempt from authentication to requests containing privileged DS operations. This allows them to bypass crucial authorization checks, leading to the potential execution of restricted configuration actions and unauthorized modifications of the device's state.
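The bug class described above, modeled as an added example (not TP-Link's code and not taken from the advisory): an authorization gate that exempts a whole request when any one action is exempt, next to a gate that checks every action against a single parse of the body. The request shape, the action names `get_status` and `set_config`, and all function names are hypothetical, since the page does not give the DS service's real ones.

```python
import json

# Hypothetical action names and request shape; the page does not give the
# DS service's real ones.
AUTH_EXEMPT = {"get_status"}

def _no_duplicate_keys(pairs):
    # Duplicate keys are a common source of parser disagreement: reject them.
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate JSON key")
    return dict(pairs)

def parse_actions(body):
    """Parse the body once; gate and dispatcher must both use this result."""
    doc = json.loads(body, object_pairs_hook=_no_duplicate_keys)
    actions = doc.get("actions") if isinstance(doc, dict) else None
    if not isinstance(actions, list) or not actions:
        raise ValueError("request must carry a non-empty 'actions' list")
    names = []
    for a in actions:
        if not isinstance(a, dict) or not isinstance(a.get("name"), str):
            raise ValueError("malformed action")
        names.append(a["name"])
    return names

def flawed_gate(names, authenticated):
    # Bug class from the description: one exempt action exempts the request.
    return authenticated or any(n in AUTH_EXEMPT for n in names)

def hardened_gate(names, authenticated):
    # Every action must be individually allowed before any of them runs.
    return authenticated or all(n in AUTH_EXEMPT for n in names)

# Constructed sample requests (not captured traffic).
MIXED = '{"actions": [{"name": "set_config"}, {"name": "get_status"}]}'
EXEMPT_ONLY = '{"actions": [{"name": "get_status"}]}'
DUPLICATE = ('{"actions": [{"name": "get_status"}], '
             '"actions": [{"name": "set_config"}]}')

def decide(body, authenticated=False, gate=hardened_gate):
    """Return True if the request may be dispatched, False if refused."""
    try:
        return gate(parse_actions(body), authenticated)
    except ValueError:  # also covers json.JSONDecodeError
        return False
```

The same pair of gates can be run over recorded request bodies as a regression test: any body the flawed gate accepts and the hardened gate refuses is a mixed exempt/privileged request.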

Affected Version(s)

Tapo C520WS v2.6: 0 < 1.2.4 Build 260326 Rel.24666n

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
