Insecure Access Control on TP-Link Tapo D235 and C260

7.2 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Description

On TP-Link Tapo C260 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration parameters without authorization, resulting in unauthorized device state manipulation but not full code execution.

Basic Information

ID CVE-2026-0653

Source TPLink

Published Feb 10, 2026 at 17:27

Affected Product

Vendor TP-Link Systems Inc.

Product Tapo C260 v1

Affected Versions TP-Link Systems Inc. Tapo C260 v1 0

CWE Classification

CWE-284

References

{
    "lastseen": "",
    "description": "On TP-Link Tapo C260 v1, a\u00a0guest\u2011level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration parameters without authorization, resulting in unauthorized device state manipulation but not full code execution.",
    "published": "2026-02-10T17:27:31.365Z",
    "modified": "2026-02-10T17:27:31.365Z",
    "type": "cve",
    "title": "Insecure Access Control on TP-Link Tapo D235 and C260",
    "source": "TPLink",
    "references": "https://www.tp-link.com/us/support/download/tapo-c260/v1/\nhttps://www.tp-link.com/en/support/download/tapo-c260/v1/\nhttps://www.tp-link.com/us/support/faq/4960/",
    "id": "CVE-2026-0653",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "TP-Link Systems Inc. Tapo C260 v1 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Tapo C260 v1",
    "version": "0",
    "vendor": "TP-Link Systems Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Insecure Access Control on TP-Link Tapo D235 and C260_CVE-2026-0653