CVE-2026-0653

HIGH EPSS 30.4%
Published Feb 10, 20264mo ago · Modified Mar 13, 20263mo ago
7.2 CVSS 4.0
High
Find Similar
Published Feb 10, 2026 4mo ago
Last Modified Mar 13, 2026 3mo ago

Description

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration parameters without authorization, resulting in unauthorized device state manipulation but not full code execution.

CVSS Details

Base Score
7.2
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
30.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-284

Affected Products 2

VendorProductVersionRange
tp-linktapo_c260_firmware* <1.1.9
tp-linktapo_c2601any

References 4

  • tp-link.com https://www.tp-link.com/en/support/download/tapo-c260/v1/
    Product
  • tp-link.com https://www.tp-link.com/en/support/download/tapo-d235/
  • tp-link.com https://www.tp-link.com/us/support/download/tapo-c260/v1/
    Product
  • tp-link.com https://www.tp-link.com/us/support/faq/4960/
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.