A vulnerability categorized as critical has been discovered in TP-Link Tapo C520WS v2 . This impacts an unknown function of the component ONVIF AddScopes . The manipulation results in format string. This vulnerability was named CVE-2026-6241 . The attack may be performed from remote. There is no available exploit.