CVE-2026-6240
Vulnerability Description
A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenticated attacker can send a crafted malicious request containing an excessive number of identifiers to overflow stack memory.
Successful exploitation may result in a service crash or deadlock, leading to DoS affecting device management and monitoring functionality.
Successful exploitation may result in a service crash or deadlock, leading to DoS affecting device management and monitoring functionality.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-121
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!