CVE-2026-6242
Authenticated Format String Vulnerability in Tapo C520WS v2
Publication date: 2026-06-06
Last updated on: 2026-06-06
Assigner: TPLink
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tapo | c520ws | 2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-134 | The product uses a function that accepts a format string as an argument, but the format string originates from an external source. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authenticated format string issue in the ONVIF Subscribe service of the Tapo C520WS v2 device. It occurs because the service improperly handles externally supplied parameters within formatting functions. An attacker who is authenticated can inject specially crafted format strings into event subscription requests or during notification generation.
This injection can disrupt the normal execution of the service, potentially causing it to terminate unexpectedly.
How can this vulnerability impact me? :
Exploiting this vulnerability can cause the event notification service on the device to stop working unexpectedly. This results in the loss of real-time alarm functionality and disruption of event notifications, which could impact monitoring and security operations relying on timely alerts.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the authenticated format string vulnerability in the ONVIF Subscribe service of the Tapo C520WS v2, immediate steps include ensuring that the device firmware is updated to the latest version provided by the vendor.
Although the provided resources do not specify a direct fix for CVE-2026-6242, it is generally recommended to check for firmware updates from TP-Link that address security issues and apply them promptly.