GHSA-4gmj-9m2m-6h5fHighCVSS 8.1

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to...

Published
June 12, 2026
Last Modified
June 16, 2026

🔗 CVE IDs covered (1)

📋 Description

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input.  Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return addresses.

A remote authenticated attacker may redirect execution flow to existing internal functions, triggering an unauthorized factory reset, leading to loss of configuration, deletion of stored credentials and service disruption.

🔗 References (6)