Summary
Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras.
The following versions of TP-Link Systems Inc. VIGI Series IP Camera are affected:
- VIGI Cx45 Series Models C345, C445 <=3.1.0_Build_250820_Rel.57668n (CVE-2026-0629)
- VIGI Cx55 Series Models C355, C455 <=3.1.0_Build_250820_Rel.58873n (CVE-2026-0629)
- VIGI Cx85 Series Models C385, C485 <=3.0.2_Build_250630_Rel.71279n (CVE-2026-0629)
- VIGI C340S Series <=3.1.0_Build_250625_Rel.65381n (CVE-2026-0629)
- VIGI C540S Series Models C540S, EasyCam C540S <=3.1.0_Build_250625_Rel.66601n (CVE-2026-0629)
- VIGI C540V Series <=2.1.0_Build_250702_Rel.54300n (CVE-2026-0629)
- VIGI C250 Series <=2.1.0_Build_250702_Rel.54301n (CVE-2026-0629)
- VIGI Cx50 Series Models C350, C450 <=2.1.0_Build_250702_Rel.54294n (CVE-2026-0629)
- VIGI Cx20I (1.0) Series Models C220I 1.0, C320I 1.0, C420I 1.0 <=2.1.0_Build_251014_Rel.58331n (CVE-2026-0629)
- VIGI Cx20I (1.20) Series Models C220I 1.20, C320I 1.20, C420I 1.20 <=2.1.0_Build_250701_Rel.44071n (CVE-2026-0629)
- VIGI Cx30I (1.0) Series Models C230I 1.0, C330I 1.0, C430I 1.0 <=2.1.0_Build_250701_Rel.45506n (CVE-2026-0629)
- VIGI Cx30I (1.20) Series Models C230I 1.20, C330I 1.20, C430I 1.20 <=2.1.0_Build_250701_Rel.44555n (CVE-2026-0629)
- VIGI Cx30 (1.0) Series Models C230 1.0, C330 1.0, C430 1.0 <=2.1.0_Build_250701_Rel.46796n (CVE-2026-0629)
- VIGI Cx30 (1.20) Series Models C230 1.20, C330 1.20, C430 1.20 <=2.1.0_Build_250701_Rel.46796n (CVE-2026-0629)
- VIGI Cx40I (1.0) Series Models C240I 1.0, C340I 1.0, C440I 1.0 <=2.1.0_Build_250701_Rel.46003n (CVE-2026-0629)
- VIGI Cx40I (1.20) Series Models C240I 1.20, C340I 1.20, C440I 1.20 <=2.1.0_Build_250701_Rel.45041n (CVE-2026-0629)
- VIGI C230I Mini Series <=2.1.0_Build_250701_Rel.47570n (CVE-2026-0629)
- VIGI C240 1.0 Series <=2.1.0_Build_250701_Rel.48425n (CVE-2026-0629)
- VIGI C340 2.0 Series <=2.1.0_Build_250701_Rel.49304n (CVE-2026-0629)
- VIGI C440 2.0 Series <=2.1.0_Build_250701_Rel.49778n (CVE-2026-0629)
- VIGI C540 2.0 Series <=2.1.0_Build_250701_Rel.50397n (CVE-2026-0629)
- VIGI C540‑4G Series <=2.2.0_Build_250826_Rel.56808n (CVE-2026-0629)
- VIGI Cx40‑W Series Models C340‑W 2.0/2.20, C440‑W 2.0, C540‑W 2.0 <=2.1.1_Build_250717 (CVE-2026-0629)
- VIGI Cx20 Series Models C320, C420 <=2.1.0_Build_250701_Rel.39597n (CVE-2026-0629)
- VIGI InSight Sx45 Series Models S245, S345, S445 <=3.1.0_Build_250820_Rel.57668n (CVE-2026-0629)
- VIGI InSight Sx55 Series Models S355, S455 <=3.1.0_Build_250820_Rel.58873n (CVE-2026-0629)
- VIGI InSight Sx85 Series Models S285, S385 <=3.0.2_Build_250630_Rel.71279n (CVE-2026-0629)
- VIGI InSight Sx45ZI Series Models S245ZI, S345ZI, S445ZI <=1.2.0_Build_250820_Rel.60930n (CVE-2026-0629)
- VIGI InSight Sx85PI Series Models S385PI, S485PI <=1.2.0_Build_250827_Rel.66817n (CVE-2026-0629)
- VIGI InSight S655I Series <=1.1.1_Build_250625_Rel.64224n (CVE-2026-0629)
- VIGI InSight S345‑4G Series <=2.1.0_Build_250725_Rel.36867n (CVE-2026-0629)
- VIGI InSight Sx25 Series Models S225, S325, S425 <=1.1.0_Build_250630_Rel.39597n (CVE-2026-0629)
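To triage a camera inventory against the list above, the following added example (not code from CISA or TP-Link) compares reported firmware strings with the listed thresholds. It assumes firmware ordering follows the version triple, then the build date, then the Rel number; the host names, the non-threshold firmware strings and the ASCII-hyphen key `C340-W` are constructed for illustration.

```python
import re

# Highest affected firmware per model, from the advisory list (three rows shown; extend as needed).
AFFECTED_MAX = {
    "C345": "3.1.0_Build_250820_Rel.57668n",
    "C540V": "2.1.0_Build_250702_Rel.54300n",
    "C340-W": "2.1.1_Build_250717",  # advisory gives no Rel number for this row
}
# Constructed inventory rows: (host, model, firmware string as the camera reports it).
INVENTORY = [
    ("cam-lobby", "C345", "3.1.0_Build_250820_Rel.57668n"),   # equals the threshold
    ("cam-dock", "C345", "3.1.1_Build_251201_Rel.40012n"),    # made-up newer build
    ("cam-gate", "C340-W", "2.1.1_Build_250717_Rel.51234n"),  # made-up Rel number
    ("cam-yard", "C999", "1.0.0_Build_230101_Rel.10000n"),    # model not in the table
    ("cam-bad", "C345", "unknown"),                           # unparseable field
]
_FW = re.compile(r"^(\d+)\.(\d+)\.(\d+)_Build_(\d{6})(?:_Rel\.(\d+)n?)?$")

def parse_firmware(text):
    """Return ((major, minor, patch, build_yymmdd), rel_or_None)."""
    m = _FW.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    *key, rel = m.groups()
    return tuple(int(p) for p in key), (int(rel) if rel else None)

def is_affected(model, firmware):
    """True if firmware <= the listed threshold, None if the model is not listed."""
    limit = AFFECTED_MAX.get(model)
    if limit is None:
        return None
    (fw_key, fw_rel), (max_key, max_rel) = parse_firmware(firmware), parse_firmware(limit)
    if fw_key != max_key:
        return fw_key < max_key
    # Same version and build date: compare Rel only if both sides carry one, else flag.
    if fw_rel is None or max_rel is None:
        return True
    return fw_rel <= max_rel

def triage(inventory):
    """Map host -> 'affected' | 'ok' | 'unknown-model' | 'unparsed'."""
    labels = {True: "affected", False: "ok", None: "unknown-model"}
    result = {}
    for host, model, firmware in inventory:
        try:
            result[host] = labels[is_affected(model, firmware)]
        except ValueError:
            result[host] = "unparsed"
    return result
```

Calling `triage(INVENTORY)` returns a per-host verdict; hosts reported as `unknown-model` or `unparsed` need a manual check against the full list.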
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 8.8 | TP-Link Systems Inc. | TP-Link Systems Inc. VIGI Series IP Camera | Improper Authentication |
Background
- Critical Infrastructure Sectors: Commercial Facilities
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: China
Vulnerabilities
CVE-2026-0629
An authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.
Affected Products
TP-Link Systems Inc. VIGI Series IP Camera
TP-Link Systems Inc.
Remediations
Mitigation
TP-Link Communications strongly recommends that users with affected devices take the following actions:
- Download and update to the latest firmware version to fix the vulnerability from the following links.
- United States users should visit the TP-Link US Download Center here: https://www.vigi.com/us/support/download/
- Global English users should visit the TP-Link EN Download Center: https://www.vigi.com/es/support/download/
- India users should visit the TP-Link India Download Center: https://www.vigi.com/in/support/download/
- Please visit https://www.tp-link.com/us/support/faq/4906/ for the TP-Link advisory.
Relevant CWE: CWE-287 Improper Authentication
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Acknowledgments
- Arko Dhar of Redinent Innovations reported this vulnerability to CISA
Legal Notice and Terms of Use
This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:
- Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.
- Locate control system networks and remote devices behind firewalls and isolate them from business networks.
- When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that a VPN is only as secure as the connected devices.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.
Revision History
- Initial Release Date: 2026-02-05
| Date | Revision | Summary |
|---|---|---|
| 2026-02-05 | 1 | Initial Publication |
