Multiple TP-Link Vulnerabilities Let Attackers Trigger DoS and Crash Routers
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Multiple high-severity vulnerabilities exist in TP-Link\u2019s Tapo C520WS smart security cameras. If exploited, these vulnerabilities may allow adjacent attackers to trigger Denial-of-Service (DoS) conditions, crash the device, or completely bypass authentication.<\/p>\n
TP-Link has released urgent firmware updates to address these critical security gaps. When a security camera or connected router goes offline due to a DoS attack, it creates an immediate physical security blind spot<\/a>.<\/p>\n This makes patching these vulnerabilities especially critical for users relying on the Tapo C520WS for active surveillance and property monitoring.<\/p>\n The most severe of the discovered flaws is CVE-2026-34121, which carries a CVSS v4.0 score of 8.7. This vulnerability involves an authentication bypass within the HTTP handling of the camera\u2019s DS configuration service<\/a>.<\/p>\n Because of inconsistent parsing and authorization logic in JSON requests, an unauthenticated attacker on the same network segment can easily bypass security checks.<\/p>\n By appending an exempt action to a privileged request, hackers can execute restricted configuration changes and alter the device\u2019s state without ever needing valid login credentials.<\/p>\n Alongside the authentication bypass, researchers identified several buffer overflow vulnerabilities<\/a> that can be leveraged to crash the device or force a sudden reboot, resulting in a complete Denial-of-Service.<\/p>\n CVE-2026-34118, CVE-2026-34119, CVE-2026-34120:<\/strong> These heap-based overflow flaws (CVSS 7.1) stem from poor boundary validation in HTTP and streaming inputs.<\/p>\n Attackers can send crafted payloads to cause memory corruption during HTTP POST parsing,<\/a> segmented request appending, or asynchronous video stream processing.<\/p>\n CVE-2026-34122:<\/strong> Found in the DS configuration service, this stack-based overflow (CVSS 7.1) allows attackers to supply excessively long configuration parameters to crash the service.<\/p>\n CVE-2026-34124:<\/strong> Also rated CVSS 7.1, this path-expansion overflow occurs in the HTTP request parsing logic.<\/p>\n The system checks raw request lengths but fails to account for size increases during path normalization,<\/a> allowing adjacent attackers to trigger a system interruption.<\/p>\n These vulnerabilities specifically affect the Tapo C520WS v2.6 running firmware versions before 1.2.4 Build 260326 Rel. 24666n.<\/p>\n Users are strongly urged to apply the latest firmware patches immediately. Leaving devices unpatched exposes them to\u00a0unauthorized<\/a><\/span> configuration changes and persistent crashing.<\/a><\/p>\n You can download the updated firmware directly from TP-Link\u2019s official support pages<\/a> or check for updates in the companion mobile application. TP-Link notes that they cannot bear responsibility for security consequences if these provided updates are ignored.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Multiple TP-Link Vulnerabilities Let Attackers Trigger DoS and Crash Routers<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nMultiple TP-Link Vulnerabilities<\/strong><\/h2>\n