TP-Link Vulnerabilities: Attackers Can Trigger DoS

Multiple high-severity vulnerabilities have been identified in TP-Link’s Tapo C520WS smart security cameras. These flaws, if exploited, could allow adjacent attackers to trigger Denial-of-Service (DoS) conditions, crash the device, or completely bypass authentication.

TP-Link has released urgent firmware updates to address these critical security gaps. When a security camera or connected router goes offline due to a DoS attack, it creates an immediate physical security blind spot.

This makes patching these vulnerabilities especially critical for users relying on the Tapo C520WS for active surveillance and property monitoring.

Multiple TP-Link Vulnerabilities

The most severe of the discovered flaws is CVE-2026-34121, which carries a CVSS v4.0 score of 8.7. This vulnerability involves an authentication bypass within the HTTP handling of the camera’s DS configuration service.

Because of inconsistent parsing and authorization logic in JSON requests, an unauthenticated attacker on the same network segment can easily bypass security checks.

By appending an exempt action to a privileged request, hackers can execute restricted configuration changes and alter the device’s state without ever needing valid login credentials.

Alongside the authentication bypass, researchers identified several buffer overflow vulnerabilities that can be leveraged to crash the device or force a sudden reboot, resulting in a complete Denial-of-Service.

CVE-2026-34118, CVE-2026-34119, CVE-2026-34120: These heap-based overflow flaws (CVSS 7.1) stem from poor boundary validation in HTTP and streaming inputs.

Attackers can send crafted payloads to cause memory corruption during HTTP POST parsing, segmented request appending, or asynchronous video stream processing.

CVE-2026-34122: Found in the DS configuration service, this stack-based overflow (CVSS 7.1) allows attackers to supply excessively long configuration parameters to crash the service.

CVE-2026-34124: Also rated CVSS 7.1, this path-expansion overflow occurs in the HTTP request parsing logic.

The system checks raw request lengths but fails to account for size increases during path normalization, allowing adjacent attackers to trigger a system interruption.

These vulnerabilities specifically affect the Tapo C520WS v2.6 running firmware versions before 1.2.4 Build 260326 Rel. 24666n.

Users are strongly urged to apply the latest firmware patches immediately. Leaving devices unpatched exposes them to unauthorized configuration changes and persistent crashing.

You can download the updated firmware directly from TP-Link’s official support pages or check for updates in the companion mobile application. TP-Link notes that they cannot bear responsibility for security consequences if these provided updates are ignored.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.