Denial-of-Service Vulnerability in TP-Link Tapo C520WS v2 RTSP Server
CVE-2026-8714

7.1HIGH

What is CVE-2026-8714?

A vulnerability exists in the RTSP server of TP-Link Tapo C520WS v2 due to its failure to properly handle syntactically invalid input. This flaw allows attackers to craft specific inputs that may cause the RTSP service to become non-responsive, leading to a denial-of-service condition. Users are advised to apply the latest firmware updates to mitigate this risk and ensure seamless operation of their devices.

Affected Version(s)

Tapo C520WS v2 0 < 1.2.6 Build 260528 Rel.60422n

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Eirik Alvheim
.