Critical Vulnerabilities Urge TP-Link Tapo C520WS Firmware Update
Multiple high-severity vulnerabilities have been discovered in TP-Link’s Tapo C520WS smart security cameras. These critical security flaws, if exploited, could allow adjacent attackers to trigger Denial-of-Service (DoS) conditions, crash the device, or completely bypass authentication, creating immediate physical security blind spots.
TP-Link has promptly released urgent firmware updates to address these significant security gaps. It is paramount for users relying on the Tapo C520WS for active surveillance and property monitoring to patch these vulnerabilities without delay.
Urgent: Multiple High-Severity TP-Link Vulnerabilities Discovered
The most severe of the identified flaws is CVE-2026-34121, with a CVSS v4.0 score of 8.7. This vulnerability is an authentication bypass in the HTTP handling of the camera’s DS configuration service.
Due to inconsistent parsing and authorization logic in JSON requests, an unauthenticated attacker on the same network segment can bypass security checks. By appending an exempt action to a privileged request, the attacker can make restricted configuration changes and alter the device’s state without valid login credentials.
In addition to the authentication bypass, researchers pinpointed several buffer overflow vulnerabilities that can be exploited to crash the device or force an abrupt reboot, leading to a complete Denial-of-Service for the Tapo C520WS.
Identified Buffer Overflow Vulnerabilities:
- CVE-2026-34118, CVE-2026-34119, CVE-2026-34120 (CVSS 7.1): These heap-based overflow flaws arise from poor boundary validation in HTTP and streaming inputs. Attackers can send specially crafted payloads to induce memory corruption during HTTP POST parsing, segmented request appending, or asynchronous video stream processing.
- CVE-2026-34122 (CVSS 7.1): Located in the DS configuration service, this stack-based overflow enables attackers to supply excessively long configuration parameters, causing the service to crash.
- CVE-2026-34124 (CVSS 7.1): This path-expansion overflow resides in the HTTP request parsing logic. The system checks raw request lengths but critically fails to account for size increases during path normalization, allowing adjacent attackers to trigger a system interruption on the Tapo C520WS.
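The bug class behind CVE-2026-34124, as an added example that is not TP-Link's code: a check on the raw length passes while the normalized path needs more room, and the hardened normalizer sizes the result before writing. The buffer size, the `/www` prefix and the space-to-`%20` rule are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PATH_BUF 32                      /* constructed size, not from the firmware */
static const char WEB_ROOT[] = "/www";   /* hypothetical prefix added by normalization */

/* The flawed style of check described above: only the raw length is examined. */
int raw_length_ok(const char *raw) { return strlen(raw) < PATH_BUF; }

/* Bytes the normalized form needs, excluding the NUL terminator. */
size_t normalized_len(const char *raw)
{
    size_t n = sizeof(WEB_ROOT) - 1;
    for (; *raw; raw++)
        n += (*raw == ' ') ? 3 : 1;      /* hypothetical rule: ' ' becomes "%20" */
    return n;
}

/* Hardened normalizer: the expanded size is checked against the output
 * capacity first. Returns the normalized length, or -1 if it would not fit. */
int normalize_path(const char *raw, char *out, size_t cap)
{
    size_t o = sizeof(WEB_ROOT) - 1;
    if (normalized_len(raw) >= cap)
        return -1;                       /* reject rather than truncate or overflow */
    memcpy(out, WEB_ROOT, o);
    for (; *raw; raw++) {
        if (*raw == ' ') {
            memcpy(out + o, "%20", 3);
            o += 3;
        } else {
            out[o++] = *raw;
        }
    }
    out[o] = '\0';
    return (int)o;
}

int main(void)
{
    char out[PATH_BUF];
    const char *req = "/a b c d e f g h i j k";   /* constructed input */
    printf("raw check: %d, needed: %zu, normalize: %d\n",
           raw_length_ok(req), normalized_len(req), normalize_path(req, out, sizeof out));
    return 0;
}
```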
Immediate Action Required: Patch Your Tapo C520WS Camera
These vulnerabilities specifically impact the Tapo C520WS v2.6 running firmware versions before 1.2.4 Build 260326 Rel. 24666n.
Users are strongly urged to apply the latest firmware patches immediately. Neglecting to update devices exposes them to unauthorized configuration changes and persistent crashing, compromising your physical security.
You can download the updated firmware directly from TP-Link’s official support pages or check for updates within the companion mobile application.
TP-Link emphasizes that they cannot be held responsible for security consequences if these provided updates are ignored.
