Tp-link Tapo_c260

3 CVEs affecting Tp-link Tapo_c260. Latest disclosed: 2026-02-10. Critical: 0, High: 2.

Top CVEs affecting Tp-link Tapo_c260
CVESeverityScorePublishedSummary
CVE-2026-0652High8.82026-02-10On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. A…
CVE-2026-0651High7.82026-02-10A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server perfo…
CVE-2026-0653Medium6.52026-02-10On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization…