CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-1457

An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute arbitrary code with elevated privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.4%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.tp-link.com/en/support/download/vigi-c385/v1/#Firmware
https://www.tp-link.com/kr/support/download/vigi-c385/v1/#Firmware
https://www.tp-link.com/us/support/faq/4931/

Products affected by CVE-2026-1457

Tp-Link » Vigi C385 » Version: 1.0

cpe:2.3:h:tp-link:vigi_c385:1.0
Tp-Link » Vigi C385 Firmware » Version: Any

cpe:2.3:o:tp-link:vigi_c385_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-1457

Products

Pricing

Contact Us