HIGH
TP-Link Systems Inc.
CVE published 2026-02-05
CVE-2026-0629
CVE-2026-0629 is a high-severity authentication bypass in the password recovery feature of TP-Link VIGI cameras’ local web interface. According to the CISA CSAF advisory, an attacker on the LAN can manipulate client-side state to reset the admin password without verification and then obtain full administrative access. TP-Link and CISA list firmware updates as the primary remediation, and the advisory was [truncated]