Authenticated Format String Vulnerability in Tapo C520WS by TP-Link
CVE-2026-6241
6.8MEDIUM
What is CVE-2026-6241?
An authenticated format string vulnerability exists in the ONVIF AddScopes functionality of the Tapo C520WS v2. This vulnerability allows for unauthorized control over user input that is passed to formatting functions without proper sanitization. Attackers can exploit this flaw by injecting malicious format specifiers into ONVIF scope parameters, which can manipulate memory handling behaviors. As a result, this exploitation may lead to a crash of the ONVIF management service, causing a denial of service that interrupts the normal operation of the device.
Affected Version(s)
Tapo C520WS v2 0 < 1.2.6 Build 260528
