Description
The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and resulting in denial-of-service (DoS).
CVSS Metrics
- Vector
- CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Attack Vector
- adjacent
- Complexity
- low
- Privileges
- none
- User Action
- none
- Confidentiality
- undefined
- Integrity
- undefined
- Availability
- undefined
- Weaknesses
- CWE-770CWE-190
Metadata
- Primary Vendor
- TP-LINK
- Published
- 12/20/2025
- Last Modified
- 1/8/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
tp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmwaretp-link : tapo_c200_firmware
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.