CVE-2026-8714

N/A Unknown

Published: June 05, 2026 Modified: June 05, 2026

Description

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://www.tp-link.com/en/support/download/tapo-c520ws/v2/#Firmware-Release-Notes

Source: f23511db-6c3e-4e32-a477-6aa17d310630

https://www.tp-link.com/us/support/download/tapo-c520ws/v2/#Firmware-Release-Notes

Source: f23511db-6c3e-4e32-a477-6aa17d310630

https://www.tp-link.com/us/support/faq/5118/

Source: f23511db-6c3e-4e32-a477-6aa17d310630

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.2%

11th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Related CVEs

CVE-2026-48777 N/A

CVE-2026-47750 7.8

CVE-2026-47747 7.8

CVE-2026-46448 5.4

CVE-2026-22313 9.1