Tp Link · Tapo C110 V2 · CVE-2026-6250
**Name of the Vulnerable Software and Affected Versions**
Tapo C110 v2
**Description**
A format string injection exists in the ONVIF service due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, allowing for the manipulation of stack memory, including control flow data such as return addresses. A remote authenticated attacker can redirect the execution flow to internal functions, which may trigger an unauthorized factory reset, resulting in the deletion of stored credentials, loss of configuration, and service disruption.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.