CVE-2026-1457
Authenticated Buffer Overflow in TP-Link VIGI C385 Web API Enables RCE
Publication date: 2026-01-29
Last updated on: 2026-03-09
Assigner: TPLink
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tp-link | vigi_c385_firmware | to 3.1.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authenticated buffer handling flaw in the TP-Link VIGI C385 V1 Web API. Due to lack of proper input sanitization, an authenticated attacker can trigger a buffer overflow, causing memory corruption. This may allow the attacker to execute arbitrary code with elevated privileges on the device. [2]
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an authenticated attacker to execute arbitrary code with elevated privileges on the affected TP-Link VIGI C385 V1 device. This could lead to full compromise of the device, potentially allowing the attacker to control it remotely and perform unauthorized actions. [2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the TP-Link VIGI C385 V1 device firmware to the latest version available, specifically to version 3.1.1 Build 251124 Rel.50371n or later, as recommended by TP-Link. Applying this update will remediate the buffer handling flaw and prevent exploitation. [2]