CVE Catalog

CVE-2026-8714

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

11th percentile - higher than 11% of all known CVEs

Summary

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter a non-responsive state.

Risk Assessment

Successful exploitation may cause the RTSP to enter a denial-of-service condition, affecting the availability of the device.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.

Original NVD description (English source)

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input.  Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS