Security Advisory on Authenticated Stack-based Buffer Overflow in RTSP Authentication of Tapo C200 (CVE-2026-1871)
Description of Vulnerability and Impact:
CVE-2026-1871
TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request.
Successful exploitation causes the affected RTSP core service process to crash and triggers an automatic system reboot, resulting in a denial of service (DoS) condition. This prevents legitimate users from accessing the camera’s live video stream or management interface until the service restarts.
CVSS v4.0 Score: 7.1 / High
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products/Versions and Fixes:
|
Affected Product Model |
Affected Version |
|
Tapo C200 v5 |
< 1.4.4 Build 260527 Rel.28339n |
Recommendations:
We strongly recommend that users with affected devices take the following actions:
- Follow the instructions to update to the latest firmware version to fix the vulnerabilities:
US: Download for Tapo C200 | TP-Link
EN: Download for Tapo C200 | TP-Link
KR: Download Tapo C200 | TP-Link South Korea
Disclaimer:
This advisory is provided for informational purposes only and is subject to change without notice. The information is provided “as is” without warranties of any kind. TP-Link recommends that customers apply available firmware updates or implement documented workarounds as provided in this advisory. Devices/systems that are not updated or mitigated as described may remain vulnerable, and TP-Link disclaims any responsibility or liability for any damages or losses arising from a failure to implement such updates.
Looking For More
Is this faq useful?
Your feedback helps improve this site.
TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.