CVE-2026-0652 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An…
High CVSS: 8.7

CVE-2026-0652

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cause full device compromise.
Vendor
Tp-link
Product
Tapo C260 Firmware
CWE
CWE-78
Yayın Tarihi
2026-02-10 18:16:22
Güncelleme
2026-02-13 20:45:16
Source Identifier
f23511db-6c3e-4e32-a477-6aa17d310630
KEV Date Added
-

Kategoriler

CWE-78 Tapo C260 Firmware HIGH Tp-link 2026

Referanslar

https://www.tp-link.com/en/support/download/tapo-c260/v1/ https://www.tp-link.com/us/support/download/tapo-c260/v1/ https://www.tp-link.com/us/support/faq/4960/