TP-Link has released a patch for a severe vulnerability (CVE-2026-0629) that allows remote attackers to take full control of over 32 models of VIGI C and InSight surveillance cameras. This high-severity flaw enables password bypass via the web interface, putting many devices at risk of unauthorized access and data theft. #CVE-2026-0629 #TP-LinkVIGI
Keypoints
- A critical security flaw in TP-Link VIGI cameras allows attacker control over affected devices.
- The vulnerability, CVE-2026-0629, is an authentication bypass affecting the web interfaceβs password recovery feature.
- Exploiting the flaw can grant hackers full access to video feeds and device functionalities.
- Over 2,500 cameras worldwide were identified as potentially vulnerable at the time of discovery.
- Organizations using TP-Link surveillance cameras should prioritize applying the security patch to prevent exploitation.
Read More: https://www.securityweek.com/tp-link-patches-vulnerability-exposing-vigi-cameras-to-hacking/