CVE-2026-8714

EUVD-2026-34855
A denial-of-service
vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of
syntactically invalid input.  Crafted inputs
can trigger a processing error, causing the RTSP service to enter non-responsive
state.





Successful
exploitation may cause the RTSP in a denial-of-service condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://www.tp-link.com/en/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/download/tapo-c520ws/v2/#Firmware-Release-Notes
https://www.tp-link.com/us/support/faq/5118/