Ethical Hacking News
Researchers have identified a critical vulnerability in TP-Link VIGI cameras that allows attackers to bypass authentication and gain full administrative access to devices. The vulnerability affects over 32 camera models and, according to the researcher who reported it, can be exploited remotely; over 2,500 internet-exposed cameras were found. Organizations with VIGI cameras are advised to patch their systems immediately.
TP-Link VIGI cameras (32+ models) are vulnerable to CVE-2026-0629 (CVSS score 8.7), which allows attackers to bypass authentication and gain full administrative access. The flaw lies in the password recovery feature, which can be abused to reset the admin password without verification, and the researcher reports that it can be exploited remotely. Over 2,500 internet-exposed vulnerable cameras were found by researcher Arko Dhar, with the actual number likely much higher. The impact extends beyond security breaches: the flaw can expose live and recorded video, enable spying and physical intrusions, and create legal and regulatory risks due to privacy violations. Regular software updates and patching are crucial to prevent similar vulnerabilities; organizations should take immediate action to secure their systems.
The world of cybersecurity has witnessed numerous breaches and vulnerabilities over the years, but a recent discovery by researcher Arko Dhar from Redinent Innovations has left many enterprise security experts reeling. The vulnerability, tracked as CVE-2026-0629 (CVSS score 8.7), affects over 32 VIGI C and VIGI InSight camera models manufactured by TP-Link, a renowned company in the field of professional video surveillance (CCTV) cameras.
According to the advisory released by TP-Link, the vulnerability allows an attacker on a local network to bypass authentication by abusing the password recovery feature. This, in turn, enables the attacker to reset the admin password without verification and gain full administrative access to the device, compromising configuration and network security. The researcher pointed out that attackers could exploit this flaw remotely, and upon conducting an extensive investigation, he found over 2,500 internet-exposed vulnerable cameras.
It is worth noting that the researchers checked only one model, so the real number of exposed devices is likely much higher. The impact of this vulnerability extends beyond mere security breaches; it can expose live and recorded video, enable spying and physical intrusions, allow attackers to move inside corporate networks, build botnets for DDoS attacks, tamper with evidence, disrupt operations, and create legal and regulatory risks due to privacy violations.
The discovery of this critical vulnerability has sent shockwaves through the cybersecurity community, highlighting the importance of regular software updates and patching. It also underscores the need for enterprises to implement robust security measures, including network segmentation, encryption, and access controls, to prevent similar vulnerabilities from compromising their systems.
Furthermore, this incident serves as a reminder that even seemingly innocuous devices, such as IP cameras, can be exploited by malicious actors if they are not properly secured. The flaw belongs to the class of "password recovery" vulnerabilities, in which weaknesses in a password reset mechanism are abused to gain unauthorized access to a device.
The fact that attackers could exploit this flaw remotely raises serious concerns about the potential for widespread disruption and data theft. In light of these findings, organizations with VIGI cameras should take immediate action and ensure that all devices are updated with the latest security patches.
In conclusion, the discovery of the CVE-2026-0629 (CVSS score 8.7) vulnerability in TP-Link VIGI cameras is a stark reminder of the ever-present threats facing enterprises and the importance of prioritizing cybersecurity. By staying vigilant and taking proactive steps to secure their systems, organizations can minimize the risk of similar vulnerabilities being exploited by malicious actors.
Related Information:
https://www.ethicalhackingnews.com/articles/Critical-Vulnerability-Exposed-in-TP-Link-VIGI-Cameras-A-Threat-to-Enterprise-Security-ehn.shtml
https://securityaffairs.com/187110/hacking/critical-tp-link-vigi-camera-flaw-allowed-remote-takeover-of-surveillance-systems.html
https://www.securityweek.com/tp-link-patches-vulnerability-exposing-vigi-cameras-to-hacking/
https://nvd.nist.gov/vuln/detail/CVE-2026-0629
https://www.cvedetails.com/cve/CVE-2026-0629/
Published: Tue Jan 20 10:11:38 2026 by llama3.2 3B Q4_K_M