PatchSiren cyber security CVE debrief
CVE-2026-6241 TP-Link Systems Inc. CVE debrief
CVE-2026-6241 is an authenticated format string vulnerability in the ONVIF AddScopes handling of Tapo C520WS v2. User-controlled input is passed to formatting functions without adequate sanitization. An attacker can inject format specifiers into ONVIF scope parameters to manipulate memory handling behavior. Successful exploitation may cause the ONVIF management service to crash, resulting in a denial-of-service (DoS) condition that impacts normal device operation.
- Vendor: TP-Link Systems Inc.
- Product: Tapo C520WS v2
- CVSS: MEDIUM 6.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-06
- Original CVE updated: 2026-06-08
- Advisory published: 2026-06-06
- Advisory updated: 2026-06-08
Who should care
Administrators and users of Tapo C520WS v2 devices should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability has a CVSS score of 6.8 and is classified as MEDIUM severity. The CVSS vector is CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
MEDIUM
Recommended defensive actions
- Update to the latest firmware version as available from the vendor.
- Restrict access to the ONVIF management service to only trusted users and networks.
- Monitor device logs for suspicious activity.
Evidence notes
The vendor is listed as Unknown Vendor, but evidence suggests the product is from TP-Link.
Official resources
- CVE-2026-6241 CVE record (CVE.org)
- CVE-2026-6241 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference (f23511db-6c3e-4e32-a477-6aa17d310630)
CVE-2026-6241 was published on 2026-06-06T00:16:41.230Z and modified on 2026-06-08T15:01:06.580Z.