Loading market data...
← Back to CVE feed

CVE-2026-6240

UNKNOWN View on NVD ↗

Description

A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenticated attacker can send a crafted malicious request containing an excessive number of identifiers to overflow stack memory. Successful exploitation may result in a service crash or deadlock, leading to DoS affecting device management and monitoring functionality.

Published: Jun 06, 2026 00:16 UTC Modified: Jun 06, 2026 00:16 UTC