Click to skip the navigation bar
Search
Search Menu

Security Advisory on Vulnerabilities in Tapo C200 (CVE-2025-8065, CVE-2025-14299 & CVE-2025-14300) and Tapo C520WS (CVE-2025-8065)

Security Advisory
Updated 04-02-2026 17:34:33 PM Number of views for this article14867

Vulnerabilities Description and Impacts:

CVE-2025-8065: Remote Code Execution via Stack-based Buffer Overflow in ONVIF SOAP Parser in Tapo C200 v3 and Tapo C520WS v2.6

A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP request with an oversized namespace prefix to cause memory corruption in stack.

An unauthenticated attacker on the same local network may exploit this flaw to enable remote code execution with elevated privileges, leading to full compromise of the device.

CVSS v4.0 Score: 8.7 / High

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVE-2025-14299: Improper Content-Length Validation in HTTPS Requests in Tapo C200 v3

  • The HTTPS server does not properly validate the Content-Length header, which could lead to an Integer Overflow.
  • An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to crash the device, resulting in DoS.

CVSS v4.0 Score: 7.1 / High

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CVE-2025-14300: Unauthenticated Access to connectAP API Endpoint in Tapo C200 v3

  • The HTTPS Service exposes a connectAP interface without proper authentication.
  • An unauthenticated attacker on the same local network segment can modify the device’s Wi-Fi configuration, resulting in loss of connectivity and DoS.

CVSS v4.0 Score: 8.7 / High

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products/Versions and Fixes:

Affected Product Model

Related Vulnerabilities

Affected Version

Tapo C520WS v2.6

CVE-2025-8065

< 1.2.4 Build 260326 Rel.24666n

Tapo C200 V3

CVE-2025-8065

CVE-2025-14299

CVE-2025-14300

< Tapo C200(US)_V3_1.4.5 Build 251104

Recommendations:

We strongly recommend that users with affected devices take the following actions:

  1. Check and Update on Tapo Mobile Application to fix the vulnerabilities.

US: Download for Tapo C200 | TP-Link

Download for Tapo C520WS | TP-Link

EN: Download for Tapo C520WS | TP-Link

Disclaimer:

If you do not take all of the recommended actions, this vulnerability concern will remain. TP-Link will not bear any responsibility for the consequences that could have been avoided by following the recommended actions in this advisory.

Looking for More

Is this faq useful?

Your feedback helps improve this site.

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

As explained further in our website Privacy Policy, we allow certain advertising partners to collect information from our website through cookies and similar technologies to deliver ads which are more relevant to you, and assist us with advertising-related analytics (e.g., measuring ad performance, optimizing our ad campaigns). This may be considered "selling" or "sharing"/disclosure of personal data for "targeted advertising" as defined by certain U.S. state laws. To opt out of these activities, press "Opt Out" below. If the toggle below for "Targeted Advertising and 'Sale' Cookies" is to the left, you are already opted out and you can close these preferences.

Please note that your choice will apply only to your current device/browser. You must indicate your choice on each device and browser you use to access our website. If you clear your cookies or your browser is set to do so, you must opt out again.

Your Privacy Choices

As explained further in our website Privacy Policy, we allow certain advertising partners to collect information from our website through cookies and similar technologies to deliver ads which are more relevant to you, and assist us with advertising-related analytics (e.g., measuring ad performance, optimizing our ad campaigns). This may be considered "selling" or "sharing"/disclosure of personal data for "targeted advertising" as defined by certain U.S. state laws. To opt out of these activities, press "Opt Out" below. If the toggle below for "Targeted Advertising and 'Sale' Cookies" is to the left, you are already opted out and you can close these preferences.

Please note that your choice will apply only to your current device/browser. You must indicate your choice on each device and browser you use to access our website. If you clear your cookies or your browser is set to do so, you must opt out again.

These cookies are necessary for the website to function and cannot be switched off.

These cookies allow targeted ads or the "sale" of personal data (toggle to the left to opt out).

Analytics cookies enable us to analyze your activities on our and other websites in order to improve and adapt the functionality of our website and our ad campaigns.

Advertising cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Welcome to Our Website! If you stay on our site, we and our third-party partners use cookies, pixels, and other tracking technologies to better understand how you use our site, provide and improve our services, and personalize your experience and ads based on your interests. Learn more in your privacy choices.