CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-8714

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 10.6%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.tp-link.com/en/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/faq/5118/

Products affected by CVE-2026-8714

Tp-Link » Tapo C520ws » Version: 2.0

cpe:2.3:h:tp-link:tapo_c520ws:2.0
Tp-Link » Tapo C520ws Firmware » Version: 1.2.3

cpe:2.3:o:tp-link:tapo_c520ws_firmware:1.2.3
Tp-Link » Tapo C520ws Firmware » Version: 1.2.4

cpe:2.3:o:tp-link:tapo_c520ws_firmware:1.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8714

Products

Pricing

Contact Us