CVE-2026-1457 — HIGH (8.8) — White Hats Nepal

Q: How severe is CVE-2026-1457?

CVE-2026-1457 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-1457?

Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Vigi C385 Firmware, Tp-Link Vigi C385.

Vulnerability Description

An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute arbitrary code with elevated privileges.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Tp-Link	Vigi C385 Firmware	< 3.1.1
Tp-Link	Vigi C385	1.0

Related Weaknesses (CWE)

CWE-121

References

FAQ

What is CVE-2026-1457?

CVE-2026-1457 is a vulnerability with a CVSS score of 8.8 (HIGH). An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buff...

How severe is CVE-2026-1457?

CVE-2026-1457 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-1457?

Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Vigi C385 Firmware, Tp-Link Vigi C385.