NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2026-6239

概要	A stack‑based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where the device fails to properly validate the number of XML user nodes during request processing. An authenticated attacker can send a specially crafted ONVIF request containing an excessive number of user entries to trigger memory corruption. Successful exploitation may cause the ONVIF management service to terminate unexpectedly, resulting in a denial‑of‑service (DoS) condition that disrupts device configuration and management functions.
公表日	2026年6月6日9:16
登録日	2026年6月7日4:12
最終更新日	2026年6月6日9:16

関連情報、対策とツール

No	URL	refsource	タグ
1	https://www.tp-link.com/en/support/download/tapo-c520ws/#Firmware-Release-Notes	f23511db-6c3e-4e32-a477-6aa17d310630
2	https://www.tp-link.com/us/support/download/tapo-c520ws/#Firmware-Release-Notes	f23511db-6c3e-4e32-a477-6aa17d310630
3	https://www.tp-link.com/us/support/faq/5120/	f23511db-6c3e-4e32-a477-6aa17d310630

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-121	スタックオーバーフロー	https://cwe.mitre.org/data/definitions/121.html