VIGI%20Cx20I%201.20%20Series%20(C220I%201.20%2FC320I%201.20%2FC420I%201.20)

VIGI Cx20I 1.20 Series (C220I 1.20/C320I 1.20/C420I 1.20)

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2026-0629

Assigner-TP-Link Systems Inc.

View Details

Assigner-TP-Link Systems Inc.

CVSS Score-8.7||HIGH

EPSS-0.12% / 31.26%

7 Day CHG+0.05%

Published-16 Jan, 2026 | 17:24

Updated-26 Jan, 2026 | 15:05

Authentication Bypass in Password Recovery Feature via Local Web App on Multiple VIGI Cameras

Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.

Vendor-TP-Link Systems Inc.

Product-VIGI C240 1.0 VIGI C540S / EasyCam C540S VIGI InSight Sx55 Series (S355/S455)VIGI C250 VIGI InSight S655I VIGI C440-W 2.0 VIGI Cx30I 1.0 Series (C230I 1.0/C330I 1.0/C430I 1.0)VIGI Cx40I 1.20 Series (C240I 1.20/C340I 1.20/C440I 1.20)VIGI InSight Sx85 Series (S285/S385)VIGI Cx20I 1.0 Series (C220I 1.0/C320I 1.0/C420I 1.0)VIGI Cx50 Series (C350/C450)VIGI C340S VIGI InSight Sx45 Series (S245/S345/S445)VIGI Cx85 Series (C385/C485)VIGI Cx30 1.0 Series (C230 1.0/C330 1.0/C430 1.0)VIGI InSight Sx45ZI Series (S245ZI/S345ZI/S445ZI)VIGI C540-W 2.0 VIGI InSight S345-4G VIGI C340-W 2.x Series (C340-W 2.0/C340-W 2.20)VIGI InSight Sx25 Series (S225/S325/S425)VIGI InSight Sx85PI Series (S385PI/S485PI)VIGI C540V VIGI Cx20I 1.20 Series (C220I 1.20/C320I 1.20/C420I 1.20)VIGI Cx45 Series (C345/C445)VIGI C230I Mini VIGI C540-4G VIGI Cx20 Series (C320/C420)VIGI C340 2.0 VIGI Cx55 Series (C355/C455)VIGI Cx30 1.20 Series (C230 1.20/C330 1.20/C430 1.20)VIGI C540 2.0 VIGI Cx40I 1.0 Series (C240I 1.0/C340I 1.0/C440I 1.0)VIGI Cx30I 1.20 Series (C230I 1.20/C330I 1.20/C430I 1.20)VIGI C440 2.0

CWE ID-CWE-287

Improper Authentication