216.73.216.86

CVE-2026-8714

· Published 05/06/2026 17:17 · Modified 05/06/2026 19:03

Labels: CVE-2026-8714 2026-06-05CVE-2026-8714CWE-20f23511db-6c3e-4e32-a477-6aa17d310630

Essential information

Published
05/06/2026 17:17
Modified
05/06/2026 19:03
Author
Creator
CVSS
7.1 HIGH (v3) 7.1 HIGH (v4.0)
CISA KEV
No
CWE
CWE-20
CVSS vector

CVSS metrics

Description

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input.  Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
nist-nvd-api
NVD
View on NVD

Affected products (CPE)

ProductCPE
tp-link / tapo c520ws firmware cpe:2.3:o:tp-link:tapo_c520ws_firmware:*:*:*:*:*:*:*:*
tp-link / tapo c520ws cpe:2.3:h:tp-link:tapo_c520ws:2.0:*:*:*:*:*:*:*

References