CVE-2026-6241
Received Received - Intake
Authenticated Format String Vulnerability in Tapo C520WS v2

Publication date: 2026-06-06

Last updated on: 2026-06-06

Assigner: TPLink

Description
An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitization. An attacker can inject format specifiers into ONVIF scope parameters to manipulate memory handling behavior. Successful exploitation may cause the ONVIF management service to crash, resulting in DoS condition that impacts normal device operation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-06
Last Modified
2026-06-06
Generated
2026-06-06
AI Q&A
2026-06-06
EPSS Evaluated
N/A
NVD
CVE-2026-6241
EUVD
EUVD-2026-34936
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tapo c520ws 2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-134 The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an authenticated format string issue found in the ONVIF AddScopes feature of the Tapo C520WS v2 device. It occurs because user-controlled input is passed to formatting functions without proper sanitization, allowing an attacker to inject format specifiers into ONVIF scope parameters.

By exploiting this, an attacker can manipulate how memory is handled during the formatting process.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is an authenticated format string issue in the ONVIF AddScopes feature of the Tapo C520WS v2 camera. Since exploitation can cause the ONVIF management service to crash and result in a denial of service, immediate mitigation should focus on preventing exploitation.

No direct mitigation steps or firmware updates are provided in the available resources for CVE-2026-6241. Therefore, general best practices include restricting access to the device's ONVIF management interface to trusted users only, monitoring for unusual crashes or service disruptions, and applying any future firmware updates from the vendor that address this vulnerability.


How can this vulnerability impact me? :

Successful exploitation of this vulnerability can cause the ONVIF management service on the device to crash.

This crash results in a denial-of-service (DoS) condition, which disrupts normal device operation.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart