CVE-2026-0653

UNKNOWN 0.0

Insecure Access Control on TP-Link Tapo D235 and C260

CVSS Score

0.0

EPSS Score

0.1%

EPSS Percentile

18th

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration parameters without authorization, resulting in unauthorized device state manipulation but not full code execution.

CWE	CWE-284
Vendor	tp-link systems inc.
Product	tapo c260 v1
Published	Feb 10, 2026
Last Updated	Mar 31, 2026

Stay Ahead of the Next One

Get instant alerts for tp-link systems inc. tapo c260 v1

Be the first to know when new unknown vulnerabilities affecting tp-link systems inc. tapo c260 v1 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

TP-Link Systems Inc. / Tapo C260 v1

0 < 1.1.9 Build 251226 Rel.55870n

TP-Link Systems Inc. / Tapo D235 v1

0 < 1.2.2 Build 260210 Rel.27165n

References

NVD ↗ CVE.org ↗ EPSS Data ↗

tp-link.com: https://www.tp-link.com/us/support/download/tapo-c260/v1/ tp-link.com: https://www.tp-link.com/en/support/download/tapo-c260/v1/ tp-link.com: https://www.tp-link.com/us/support/faq/4960/ tp-link.com: https://www.tp-link.com/en/support/download/tapo-d235/

Credits

spaceraccoon