Sign-up

ID

VAR-202606-1867


CVE

CVE-2026-1871


TITLE

TP-LINK Technologies of tapo c200  Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344

DESCRIPTION

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to crash and triggers an automatic system reboot, resulting in a denial of service (DoS) condition. This prevents legitimate users from accessing the camera’s live video stream or management interface until the service restarts. If this vulnerability is exploited, affected systems will be affected. - No information handled by the software will be rewritten. - The software may completely shut down

Trust: 1.62

sources: NVD: CVE-2026-1871 // JVNDB: JVNDB-2026-018344

AFFECTED PRODUCTS

vendor:tp linkmodel:tapo c200scope:eqversion:1.0.13

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.1.8

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.0.5

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.2.3

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.1.4

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.3.5

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.0.12

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.3.3

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.0.17

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:1.3.1

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.0.12

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.0.5

Trust: 0.8

vendor:tp linkmodel:tapo c200scope: - version: -

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.0.13

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.1.8

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion: -

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.3.5

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.1.4

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.0.17

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.3.3

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.3.1

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:eqversion:tapo c200 firmware 1.2.3

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344 // NVD: CVE-2026-1871

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2026-1871
value: MEDIUM

Trust: 1.0

f23511db-6c3e-4e32-a477-6aa17d310630: CVE-2026-1871
value: HIGH

Trust: 1.0

NVD: CVE-2026-1871
value: MEDIUM

Trust: 0.8

nvd@nist.gov: CVE-2026-1871
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2026-1871
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344 // NVD: CVE-2026-1871 // NVD: CVE-2026-1871

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344 // NVD: CVE-2026-1871

PATCH

title:Security Advisory on Authenticated Stack-based Buffer Overflow in RTSP Authentication of Tapo C200 (CVE-2026-1871) | TP-Linkurl:https://www.tp-link.com/us/support/faq/5113/

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344

EXTERNAL IDS

db:NVDid:CVE-2026-1871

Trust: 2.6

db:JVNDBid:JVNDB-2026-018344

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344 // NVD: CVE-2026-1871

REFERENCES

url:https://www.tp-link.com/kr/support/download/tapo-c200/#firmware-release-notes

Trust: 1.8

url:https://www.tp-link.com/us/support/download/tapo-c200/v5/#firmware-release-notes

Trust: 1.8

url:https://www.tp-link.com/en/support/download/tapo-c200/v5/#firmware-release-notes

Trust: 1.8

url:https://www.tp-link.com/us/support/faq/5113/

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-1871

Trust: 0.8

sources: JVNDB: JVNDB-2026-018344 // NVD: CVE-2026-1871

SOURCES

db:JVNDBid:JVNDB-2026-018344
db:NVDid:CVE-2026-1871

LAST UPDATE DATE

2026-06-19T22:57:22.156000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-018344date:2026-06-08T02:48:00
db:NVDid:CVE-2026-1871date:2026-06-04T17:41:24.973

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-018344date:2026-06-08T00:00:00
db:NVDid:CVE-2026-1871date:2026-06-02T17:16:26.967