CVE-2026-6250EPSS p36.5%
CVE-2026-6250CVE-2026-6250
tp-link / tapo_c110_firmware
Description
An
authenticated format string vulnerability exists in the ONVIF service of Tapo
C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as
a format string, which can be used to manipulate stack memory, including
control flow data such as return addresses.
A remote
authenticated attacker may redirect execution flow to existing internal
functions, triggering an unauthorized factory reset, leading to loss of
configuration, deletion of stored credentials and service disruption.
Scoring
| CVSS | 8.1 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| EPSS | 0.46% probability of exploitation · percentile 36.5% · 2026-06-19T12:03:05Z |
| Last modified | 2026-06-16 |