CVE-2026-34124 | THREATINT

Description

A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent network may send a crafted HTTP request to cause buffer overflow and memory corruption, leading to system interruption or device reboot.

PUBLISHED Reserved 2026-03-25 | Published 2026-04-02 | Updated 2026-04-03 | Assigner TPLink

HIGH: 7.1CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-120 Buffer Copy without Checking Size of Input

Product status

Default status

unaffected

Any version before 1.2.4 Build 260326 Rel.24666n

affected

References

www.tp-link.com/us/support/download/tapo-c520ws/ patch

www.tp-link.com/en/support/download/tapo-c520ws/ patch

www.tp-link.com/us/support/faq/5047/ vendor-advisory

cve.org (CVE-2026-34124)

nvd.nist.gov (CVE-2026-34124)

Download JSON