Description
A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter, resulting in a stack overflow.

Successful exploitation results in Denial-of-Service (DoS) condition, leading to a service crash or device reboot, impacting availability.
Published: 2026-04-02
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow occurs in the Tapo C520WS when an attacker supplies an excessively long value for a vulnerable configuration parameter. This overflow corrupts the stack, causing the device to crash or reboot, which results in a denial‑of‑service condition that makes the smart plug unavailable to users.

Affected Systems

The vulnerability affects TP‑Link Systems Inc.’s Tapo C520WS smart plug, specifically firmware version 2.6. The device’s configuration handling component is the entry point for the overflow.

Risk and Exploitability

With a CVSS base score of 7.1, the vulnerability poses a significant risk to availability. The EPSS score is not available, and it is not listed in the CISA KEV catalog. While the description does not state the exact interface, it is inferred that an attacker could trigger the overflow remotely by sending a crafted configuration value over the device’s management interface, leading to a crash or reboot.

Generated by OpenCVE AI on April 2, 2026 at 22:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Tapo C520WS firmware to the latest available version (e.g., v2.7 or newer) from TP‑Link.
  • Restrict or disable remote access to the device’s configuration interface so that only trusted clients can submit configuration changes.
  • Monitor the device for unexpected reboots or crash logs and verify that the issue no longer reproduces.

Generated by OpenCVE AI on April 2, 2026 at 22:31 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link tapo C520ws V2
Vendors & Products Tp-link
Tp-link tapo C520ws V2

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter, resulting in a stack overflow. Successful exploitation results in Denial-of-Service (DoS) condition, leading to a service crash or device reboot, impacting availability.
Title Stack-based Buffer Overflow Leading to Denial of Service in TP-Link Tapo C520WS
Weaknesses CWE-121
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Tp-link Tapo C520ws V2
cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-04-02T17:59:32.667Z

Reserved: 2026-03-25T18:54:03.343Z

Link: CVE-2026-34122

cve-icon Vulnrichment

Updated: 2026-04-02T17:59:29.666Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-02T18:16:29.150

Modified: 2026-04-03T16:10:23.730

Link: CVE-2026-34122

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:17:24Z

Weaknesses