Stack-Based Buffer Overflow in Tapo C520WS Device by TP-Link
CVE-2026-6239
6.8MEDIUM
What is CVE-2026-6239?
A buffer overflow vulnerability has been identified in the Tapo C520WS device, specifically within the ONVIF CreateUsers service. The flaw arises when the device inadequately validates the number of XML user nodes during incoming request processing. An authenticated attacker can exploit this vulnerability by sending a crafted ONVIF request with an excessive number of user entries, leading to memory corruption. Such exploitation can cause the ONVIF management service to terminate unexpectedly, resulting in a denial-of-service condition that disrupts the device's configuration and management capabilities.
Affected Version(s)
Tapo C520WS v2 0 < 1.2.6 Build 260528
