TP-Link Flaw: Authentication Bypass Via Password Vulnerability Allows

Details have emerged regarding a critical authentication vulnerability impacting TP-Link’s VIGI surveillance camera lineup. This flaw allows attackers on local networks to reset administrative credentials without authorization.

Tracked as CVE-2026-0629, the flaw resides in the camera’s web interface password recovery function and carries a CVSS v4.0 score of 8.7, indicating high severity.

The authentication bypass flaw stems from improper client-side state manipulation in the password recovery feature.

Attackers on the local area network (LAN) can exploit this weakness to reset the admin password without any verification, granting full administrative access to the affected device.

The vulnerability requires no elevated privileges, user interaction, or network-level attacks, making it easily exploitable for any user with LAN connectivity.

According to the advisory documentation, the CVSS v4.0 scoring vector (4.0/AV: A/AC: L/AT: N/PR: N/UI: N/VC:H/VI:H/VA:H/SC: N/SI: N/SA: N).

Attackers can achieve high-impact compromises of confidentiality, integrity, and availability through adjacent network access with low attack complexity.

Successful exploitation allows attackers to gain complete control of affected VIGI cameras, enabling configuration modifications and disabling security features.

Accessing recorded footage or using compromised devices as pivot points for lateral network movement. Organizations with VIGI cameras in critical surveillance infrastructure face substantial operational and security risks.

The vulnerability affects an extensive product portfolio spanning 28 distinct VIGI camera series, including the popular Cx45, Cx55, Cx85, and InSight series variants.

The widespread impact necessitates immediate patching across all organizational deployments.

Affected Products and Mitigations

Complete patch information for all affected product variants is available through TP-Link’s official support channels.

TP-Link has released firmware updates addressing the vulnerability across all affected device models. Organizations must download and deploy the latest firmware versions immediately through the Download Center.

The advisory emphasizes that devices remain vulnerable until patched, and TP-Link assumes no liability for incidents resulting from failure to implement recommended security updates.

Users can access patches through region-specific download centers:

CVE-2026-0629 represents a significant security risk for organizations deploying TP-Link VIGI surveillance infrastructure. The ease of exploitation, combined with the extensive affected product range, makes immediate firmware updates.

A critical priority for maintaining network security posture and preventing unauthorized administrative access to surveillance systems.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.