🔐 CVE Alert

CVE-2026-12760

UNKNOWN 0.0

Denial-of-Service Vulnerability via Malformed IPv4 Fragmentation Handling in TP-Link Tapo C200

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets.  An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to instability of the device.Successful exploitation can remotely trigger a temporary denial-of-service condition, causing the camera to become unresponsive and resulting in intermittent loss of video monitoring and recording.

CWE CWE-770
Vendor tp-link systems inc.
Product tapo c200 v3
Published Jun 24, 2026
Last Updated Jun 24, 2026
Stay Ahead of the Next One

Get instant alerts for tp-link systems inc. tapo c200 v3

Be the first to know when new unknown vulnerabilities affecting tp-link systems inc. tapo c200 v3 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

TP-Link Systems Inc. / Tapo C200 v3
0 < 1.4.4 Build 250922

References

NVD ↗ CVE.org ↗ EPSS Data ↗
tp-link.com: https://www.tp-link.com/us/support/download/tapo-c200/v3/#Firmware-Release-Notes tp-link.com: https://www.tp-link.com/en/support/download/tapo-c200/v3/#Firmware-Release-Notes tp-link.com: https://www.tp-link.com/us/support/faq/5143/

Credits

Arjan Chadha, Keysight Technologies