Security Advisory

TP-Link Product Security Update Advisory (CVE-2026-0629)

  • Jan 22 2026
TP-Link Product Security Update Advisory (CVE-2026-0629)

Overview

 

TP-Link has released a security update to fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2026-0629

 

VIGI Cx45 versions: C345, C445
VIGI Cx55 Versions: C355, C455
VIGI Cx85 versions: C385, C485
VIGI C340S versions: C340S
VIGI C540S Versions: C540S, EasyCam C540S
VIGI C540V versions: C540V
VIGI C250 Versions: C250
VIGI Cx50 versions: C350, C450
VIGI Cx20I (1.0) versions: C220i 1.0, c320i 1.0, c420i 1.0
VIGI Cx20I (1.20) Versions: C220i 1.20, c320i 1.20, c420i 1.20
VIGI Cx30I (1.0) Versions: C230i 1.0, c330i 1.0, c430i 1.0
VIGI Cx30I (1.20) Versions: C230i 1.20, c330i 1.20, c430i 1.20
VIGI Cx30 (1.0) Versions: C230 1.0, c330 1.0, c430 1.0
VIGI Cx30 (1.20) Versions: C230 1.20, c330 1.20, c430 1.20
VIGI Cx40I (1.0) Versions: C240i 1.0, c340i 1.0, c440i 1.0
VIGI Cx40I (1.20) Versions: C240i 1.20, c340i 1.20, c440i 1.20
VIGI C230I Mini versions: C230I Mini
VIGI C240 1.0 Version: C240 1.0
VIGI C340 2.0 Version: C340 2.0
VIGI C440 2.0 version: C440 2.0
VIGI C540 2.0 version: C540 2.0
VIGI C540-4G version: C540-4G
VIGI Cx40-W Versions: C340-w 2.0/2.20, c440-w 2.0, c540-w 2.0
VIGI Cx20 Versions: C320, C420
VIGI InSight Sx45 versions: S245, S345, S445
VIGI InSight Sx55 versions: S355, S455
VIGI InSight Sx85 versions: S285, S385
VIGI InSight Sx45ZI versions: S245zi, s345zi, s445zi
VIGI InSight Sx85PI versions: S385PI, S485PI
VIGI InSight S655I versions: S655I
VIGI InSight S345-4G versions: S345-4G
VIGI InSight Sx25 versions: S225, S325, S425

 

 

Resolved Vulnerabilities

 

Authentication bypass vulnerability in the password recovery feature of the VIGI camera local web interface (CVE-2026-0629)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2026-0629

 

VIGI Cx45 Version: 3.1.0 Build 250820 Rel.57668n or later
VIGI Cx55 Version: 3.1.0 Build 250820 Rel.58873n or later
VIGI Cx85 Version: 3.0.2 Build 250630 Rel.71279n or later
VIGI C340S Version: 3.1.0 Build 250625 Rel.65381n or later
VIGI C540S Version: 3.1.0 Build 250625 Rel.66601n or later
VIGI C540V Version: 2.1.0 Build 250702 Rel.54300n or later
VIGI C250 Version: 2.1.0 Build 250702 Rel.54301n or later
VIGI Cx50 Version: 2.1.0 Build 250702 Rel.54294n or later
VIGI Cx20I (1.0) Version: 2.1.0 Build 251014 Rel.58331n or later
VIGI Cx20I (1.20) Version: 2.1.0 Build 250701 Rel.44071n or later
VIGI Cx30I (1.0) Version: 2.1.0 Build 250701 Rel.45506n or later
VIGI Cx30I (1.20) Version: 2.1.0 Build 250701 Rel.44555n or later
VIGI Cx30 (1.0) Versions: 2.1.0 Build 250701 Rel.46796n or later
VIGI Cx30 (1.20) version: 2.1.0 Build 250701 Rel.46796n or later
VIGI Cx40I (1.0) Versions: 2.1.0 Build 250701 Rel.46003n or later
VIGI Cx40I (1.20) Version: 2.1.0 Build 250701 Rel.45041n or later
VIGI C230I Mini Version: 2.1.0 Build 250701 Rel.47570n or later
VIGI C240 1.0 Version: 2.1.0 Build 250701 Rel.48425n or later
VIGI C340 2.0 Version: 2.1.0 Build 250701 Rel.49304n or later
VIGI C440 2.0 version: 2.1.0 Build 250701 Rel.49778n or later
VIGI C540 2.0 version: 2.1.0 Build 250701 Rel.50397n or later
VIGI C540-4G Version: 2.2.0 Build 250826 Rel.56808n or later
VIGI Cx40-W Versions: 2.1.1 Build 250717 or later
VIGI Cx20 Version: 2.1.0 Build 250701 Rel.39597n or later
VIGI InSight Sx45 Version: 3.1.0 Build 250820 Rel.57668n or later
VIGI InSight Sx55 Version: 3.1.0 Build 250820 Rel.58873n or later
VIGI InSight Sx85 Version: 3.0.2 Build 250630 Rel.71279n or later
VIGI InSight Sx45ZI Version: 1.2.0 Build 250820 Rel.60930n or later
VIGI InSight Sx85PI Version: 1.2.0 Build 250827 Rel.66817n or later
VIGI InSight S655I Version: 1.1.1 Build 250625 Rel.64224n or later
VIGI InSight S345-4G Version: 2.1.0 Build 250725 Rel.36867n or later
VIGI InSight Sx25 Version: 1.1.0 Build 250630 Rel.39597n or later

 

 

References

 

[1] Security Advisory on Authentication Bypass in Password Recovery Feature via Local Web App on VIGI Cameras (CVE-2026-0629)
https://www.tp-link.com/us/support/faq/4906/

Tags:
Previous Post

Next Post