CVE-2026-0629 - Vulnerability Details

Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00051.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

TP-Link Systems Inc.

VIGI InSight Sx45 Series (S245/S345/S445)

unaffected

Version	Status	Constraints
`0`	affected	< 3.1.0_Build_250820_Rel.57668n

TP-Link Systems Inc.

VIGI Cx45 Series (C345/C445)

unaffected

Version	Status	Constraints
`0`	affected	< 3.1.0_Build_250820_Rel.57668n

TP-Link Systems Inc.

VIGI InSight Sx55 Series (S355/S455)

unaffected

Version	Status	Constraints
`0`	affected	< 3.1.0_Build_250820_Rel.58873n

TP-Link Systems Inc.

VIGI Cx55 Series (C355/C455)

unaffected

Version	Status	Constraints
`0`	affected	< 3.1.0_Build_250820_Rel.58873n

TP-Link Systems Inc.

VIGI InSight Sx85 Series (S285/S385)

unaffected

Version	Status	Constraints
`0`	affected	< 3.0.2_Build_250630_Rel.71279n

TP-Link Systems Inc.

VIGI Cx85 Series (C385/C485)

unaffected

Version	Status	Constraints
`0`	affected	< 3.0.2_Build_250630_Rel.71279n

TP-Link Systems Inc.

VIGI InSight S655I

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.1_Build_250625_Rel.64224n

TP-Link Systems Inc.

VIGI InSight Sx45ZI Series (S245ZI/S345ZI/S445ZI)

unaffected

Version	Status	Constraints
`0`	affected	< 1.2.0_Build_250820_Rel.60930n

TP-Link Systems Inc.

VIGI InSight Sx85PI Series (S385PI/S485PI)

unaffected

Version	Status	Constraints
`0`	affected	< 1.2.0_Build_250827_Rel.66817n

TP-Link Systems Inc.

VIGI C340S

unaffected

Version	Status	Constraints
`0`	affected	< 3.1.0_Build_250625_Rel.65381n

TP-Link Systems Inc.

VIGI C540S / EasyCam C540S

unaffected

Version	Status	Constraints
`0`	affected	< 3.1.0_Build_250625_Rel.66601n

TP-Link Systems Inc.

VIGI C540V

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250702_Rel.54300n

TP-Link Systems Inc.

VIGI C250

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250702_Rel.54301n

TP-Link Systems Inc.

VIGI Cx50 Series (C350/C450)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250702_Rel.54294n

TP-Link Systems Inc.

VIGI Cx20I 1.0 Series (C220I 1.0/C320I 1.0/C420I 1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_251014_Rel.58331n

TP-Link Systems Inc.

VIGI Cx20I 1.20 Series (C220I 1.20/C320I 1.20/C420I 1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.44071n

TP-Link Systems Inc.

VIGI Cx30I 1.0 Series (C230I 1.0/C330I 1.0/C430I 1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.45506n

TP-Link Systems Inc.

VIGI Cx30I 1.20 Series (C230I 1.20/C330I 1.20/C430I 1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.44555n

TP-Link Systems Inc.

VIGI Cx40I 1.0 Series (C240I 1.0/C340I 1.0/C440I 1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.46003n

TP-Link Systems Inc.

VIGI Cx40I 1.20 Series (C240I 1.20/C340I 1.20/C440I 1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.45041n

TP-Link Systems Inc.

VIGI Cx30 1.0 Series (C230 1.0/C330 1.0/C430 1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.46796n

TP-Link Systems Inc.

VIGI Cx30 1.20 Series (C230 1.20/C330 1.20/C430 1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.46796n

TP-Link Systems Inc.

VIGI C230I Mini

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.47570n

TP-Link Systems Inc.

VIGI C240 1.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.48425n

TP-Link Systems Inc.

VIGI C340 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.49304n

TP-Link Systems Inc.

VIGI C440 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.49778n

TP-Link Systems Inc.

VIGI C540 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.50397n

TP-Link Systems Inc.

VIGI C540-4G

unaffected

Version	Status	Constraints
`0`	affected	< 2.2.0_Build_250826_Rel.56808n

TP-Link Systems Inc.

VIGI C340-W 2.x Series (C340-W 2.0/C340-W 2.20)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.1_Build_250717_Rel.66528n

TP-Link Systems Inc.

VIGI C440-W 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.1_Build_250717_Rel.66632n

TP-Link Systems Inc.

VIGI C540-W 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.1_Build_250717_Rel.67730n

TP-Link Systems Inc.

VIGI InSight S345-4G

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250725_Rel.36867n

TP-Link Systems Inc.

VIGI InSight Sx25 Series (S225/S325/S425)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.0_Build_250630_Rel.39597n

TP-Link Systems Inc.

VIGI Cx20 Series (C320/C420)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0_Build_250701_Rel.39597n

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Tp-link Subscribe	Vigi C230i Mini Subscribe Vigi C240 Subscribe Vigi C250 Subscribe Vigi C340 Subscribe Vigi C340s Subscribe Vigi C440 Subscribe Vigi C540 Subscribe Vigi C540-4g Subscribe Vigi C540s Subscribe Vigi C540v Subscribe Vigi Cx20 Series Subscribe Vigi Cx20i 1.0 Series Subscribe Vigi Cx20i 1.20 Series Subscribe Vigi Cx30 1.0 Series Subscribe Vigi Cx30 1.20 Series Subscribe Vigi Cx30i 1.0 Series Subscribe Vigi Cx30i 1.20 Series Subscribe Vigi Cx40i 1.0 Series Subscribe Vigi Cx40i 1.20 Series Subscribe Vigi Cx45 Series Subscribe Vigi Cx50 Series Subscribe Vigi Cx55 Series Subscribe Vigi Cx85 Series Subscribe Vigi Insight S345-4g Subscribe Vigi Insight S655i Subscribe Vigi Insight Sx25 Series Subscribe Vigi Insight Sx45 Series Subscribe Vigi Insight Sx45zi Series Subscribe Vigi Insight Sx55 Series Subscribe Vigi Insight Sx85 Series Subscribe Vigi Insight Sx85pi Series Subscribe

Project Subscriptions

Vendors	Products
Tp-link Subscribe	Vigi C230i Mini Subscribe Vigi C240 Subscribe Vigi C250 Subscribe Vigi C340 Subscribe Vigi C340s Subscribe Vigi C440 Subscribe Vigi C540 Subscribe Vigi C540-4g Subscribe Vigi C540s Subscribe Vigi C540v Subscribe Vigi Cx20 Series Subscribe Vigi Cx20i 1.0 Series Subscribe Vigi Cx20i 1.20 Series Subscribe Vigi Cx30 1.0 Series Subscribe Vigi Cx30 1.20 Series Subscribe Vigi Cx30i 1.0 Series Subscribe Vigi Cx30i 1.20 Series Subscribe Vigi Cx40i 1.0 Series Subscribe Vigi Cx40i 1.20 Series Subscribe Vigi Cx45 Series Subscribe Vigi Cx50 Series Subscribe Vigi Cx55 Series Subscribe Vigi Cx85 Series Subscribe Vigi Insight S345-4g Subscribe Vigi Insight S655i Subscribe Vigi Insight Sx25 Series Subscribe Vigi Insight Sx45 Series Subscribe Vigi Insight Sx45zi Series Subscribe Vigi Insight Sx55 Series Subscribe Vigi Insight Sx85 Series Subscribe Vigi Insight Sx85pi Series Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.tp-link.com/us/support/faq/4906/
https://www.vigi.com/en/support/download/
https://www.vigi.com/in/support/download/
https://www.vigi.com/us/support/download/

History

Fri, 23 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link Tp-link vigi C230i Mini Tp-link vigi C240 Tp-link vigi C250 Tp-link vigi C340 Tp-link vigi C340s Tp-link vigi C440 Tp-link vigi C540 Tp-link vigi C540-4g Tp-link vigi C540s Tp-link vigi C540v Tp-link vigi Cx20 Series Tp-link vigi Cx20i 1.0 Series Tp-link vigi Cx20i 1.20 Series Tp-link vigi Cx30 1.0 Series Tp-link vigi Cx30 1.20 Series Tp-link vigi Cx30i 1.0 Series Tp-link vigi Cx30i 1.20 Series Tp-link vigi Cx40i 1.0 Series Tp-link vigi Cx40i 1.20 Series Tp-link vigi Cx45 Series Tp-link vigi Cx50 Series Tp-link vigi Cx55 Series Tp-link vigi Cx85 Series Tp-link vigi Insight S345-4g Tp-link vigi Insight S655i Tp-link vigi Insight Sx25 Series Tp-link vigi Insight Sx45 Series Tp-link vigi Insight Sx45zi Series Tp-link vigi Insight Sx55 Series Tp-link vigi Insight Sx85 Series Tp-link vigi Insight Sx85pi Series
Vendors & Products		Tp-link Tp-link vigi C230i Mini Tp-link vigi C240 Tp-link vigi C250 Tp-link vigi C340 Tp-link vigi C340s Tp-link vigi C440 Tp-link vigi C540 Tp-link vigi C540-4g Tp-link vigi C540s Tp-link vigi C540v Tp-link vigi Cx20 Series Tp-link vigi Cx20i 1.0 Series Tp-link vigi Cx20i 1.20 Series Tp-link vigi Cx30 1.0 Series Tp-link vigi Cx30 1.20 Series Tp-link vigi Cx30i 1.0 Series Tp-link vigi Cx30i 1.20 Series Tp-link vigi Cx40i 1.0 Series Tp-link vigi Cx40i 1.20 Series Tp-link vigi Cx45 Series Tp-link vigi Cx50 Series Tp-link vigi Cx55 Series Tp-link vigi Cx85 Series Tp-link vigi Insight S345-4g Tp-link vigi Insight S655i Tp-link vigi Insight Sx25 Series Tp-link vigi Insight Sx45 Series Tp-link vigi Insight Sx45zi Series Tp-link vigi Insight Sx55 Series Tp-link vigi Insight Sx85 Series Tp-link vigi Insight Sx85pi Series

Wed, 21 Jan 2026 18:30:00 +0000

Type	Values Removed	Values Added
References	https://www.tp-link.com/us/support/faq/4899/

Wed, 21 Jan 2026 18:15:00 +0000

Type	Values Removed	Values Added
References		https://www.tp-link.com/us/support/faq/4906/

Fri, 16 Jan 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 16 Jan 2026 17:30:00 +0000

Type	Values Removed	Values Added
Description		Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.
Title		Authentication Bypass in Password Recovery Feature via Local Web App on Multiple VIGI Cameras
Weaknesses		CWE-287
References		https://www.tp-link.com/us/support/faq/4899/ https://www.vigi.com/en/support/download/ https://www.vigi.com/in/support/download/ https://www.vigi.com/us/support/download/
Metrics		cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: TPLink

Published: 2026-01-16T17:24:39.370Z

Updated: 2026-01-21T17:53:30.225Z

Reserved: 2026-01-06T00:07:04.905Z

Link: CVE-2026-0629

Vulnrichment

Updated: 2026-01-16T17:38:44.636Z

NVD

Status : Awaiting Analysis

Published: 2026-01-16T18:16:09.190

Modified: 2026-01-26T15:05:57.190

Link: CVE-2026-0629

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-01-22T10:15:23Z

Weaknesses

CWE-287

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Exploitation none

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object