CVE-2026-6239

Published: Giu 06, 2026 Last Modified: Giu 06, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,8

Source: f23511db-6c3e-4e32-a477-6aa17d310630

Attack Vector: adjacent

Attack Complexity: low

Privileges Required: high

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

A stack‑based
buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where
the device fails to properly validate the number of XML user nodes during
request processing. An authenticated attacker can send a specially crafted
ONVIF request containing an excessive number of user entries to trigger memory
corruption.

Successful
exploitation may cause the ONVIF management service to terminate unexpectedly,
resulting in a denial‑of‑service (DoS) condition that disrupts device
configuration and management functions.

121

Stack-based Buffer Overflow

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Modify Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Other

Applicable Platforms

Languages: Memory-Unsafe, C, C++

Likelihood of Exploit: High

View CWE Details

https://www.tp-link.com/en/support/download/tapo-c520ws/#Fi…

https://www.tp-link.com/en/support/download/tapo-c520ws/#Firmware-Release-Notes

https://www.tp-link.com/us/support/download/tapo-c520ws/#Fi…

https://www.tp-link.com/us/support/download/tapo-c520ws/#Firmware-Release-Notes

https://www.tp-link.com/us/support/faq/5120/

CVE-2026-6239

Description

Stack-based Buffer Overflow

Common Consequences

Applicable Platforms

Iscriviti alla newsletter