Vulnerabilites related to tp-link - tapo_c200_firmware
Vulnerability from fkie_nvd
Published
2024-01-17 02:15
Modified
2024-11-21 08:33
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tapo_c200_firmware | 1.1.22 | |
| tp-link | tapo_c200_firmware | 1.3.4 | |
| tp-link | tapo_c200_firmware | 1.3.9 | |
| tp-link | tapo_c200 | 3 | |
| tp-link | tapo_tc70_firmware | 1.1.22 | |
| tp-link | tapo_tc70_firmware | 1.3.4 | |
| tp-link | tapo_tc70_firmware | 1.3.9 | |
| tp-link | tapo_tc70 | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tapo_c200_firmware:1.1.22:*:*:*:*:*:*:*", matchCriteriaId: "F8B55FEB-BDBD-487C-AF40-96503FEA61A3", vulnerable: true, }, { criteria: "cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "0ABA4795-D138-4B15-9857-97AABCD2084F", vulnerable: true, }, { criteria: "cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: "04FD030B-F5A6-4430-8C14-2CB177DDD9E3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tapo_c200:3:*:*:*:*:*:*:*", matchCriteriaId: "101FA54E-1A3D-4A38-BBD0-8DAFAC414EA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tapo_tc70_firmware:1.1.22:*:*:*:*:*:*:*", matchCriteriaId: "22DCA162-FA48-40E1-8027-9C9C9BD605BB", vulnerable: true, }, { criteria: "cpe:2.3:o:tp-link:tapo_tc70_firmware:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "C8272A35-4987-4091-9B3E-A75135FEA618", vulnerable: true, }, { criteria: "cpe:2.3:o:tp-link:tapo_tc70_firmware:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: "051C949E-16AA-4210-96D3-6A83EB40E9CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tapo_tc70:3.0:*:*:*:*:*:*:*", matchCriteriaId: "BC3A63A3-752C-49F7-84F0-415601086919", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.", }, { lang: "es", value: "La vulnerabilidad de permisos inseguros en TP Link TC70 y C200 WIFI Camera v.3 firmware v.1.3.4 y corregida en v.1.3.11 permite a un atacante físicamente cercano obtener información confidencial a través de una conexión a los componentes del pin UART.", }, ], id: "CVE-2023-49515", lastModified: "2024-11-21T08:33:29.953", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-01-17T02:15:06.957", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-922", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 04:57
Severity ?
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.cnvd.org.cn/flaw/show/1916613 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cnvd.org.cn/flaw/show/1916613 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc450_firmware | * | |
| tp-link | nc450 | - | |
| tp-link | nc260_firmware | * | |
| tp-link | nc260 | - | |
| tp-link | nc250_firmware | * | |
| tp-link | nc250 | - | |
| tp-link | nc230_firmware | * | |
| tp-link | nc230 | - | |
| tp-link | nc220_firmware | * | |
| tp-link | nc220 | - | |
| tp-link | nc210_firmware | * | |
| tp-link | nc210 | - | |
| tp-link | nc200_firmware | * | |
| tp-link | nc200 | - | |
| tp-link | kc300s2_firmware | * | |
| tp-link | kc300s2 | - | |
| tp-link | kc310s2_firmware | * | |
| tp-link | kc310s2 | - | |
| tp-link | kc200_firmware | * | |
| tp-link | kc200 | - | |
| tp-link | tapo_c200_firmware | * | |
| tp-link | tapo_c200 | - | |
| tp-link | tapo_c100_firmware | * | |
| tp-link | tapo_c100 | - | |
| tp-link | tl-sc3430_firmware | * | |
| tp-link | tl-sc3430 | - | |
| tp-link | tl-sc3430n_firmware | * | |
| tp-link | tl-sc3430n | - | |
| tp-link | tl-sc4171g_firmware | * | |
| tp-link | tl-sc4171g | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "771BEC34-1944-43ED-B2FC-F5B03A1C68DA", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*", matchCriteriaId: "71C122A0-FEC3-4482-A55D-09FA03A47F56", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82A81BB5-61AF-4E19-AC96-5EE29DA03D59", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*", matchCriteriaId: "0F82284F-1244-45BC-9F38-956219905C97", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E74A2AC9-9873-4744-8A15-0771FD231FD7", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*", matchCriteriaId: "3C6A3B4E-F357-4E9F-A799-E58E0D593F19", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97853CD1-D3A6-4713-88CA-F679614AE8E6", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E12F8B78-776B-4DC7-84A7-CABC37028583", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*", matchCriteriaId: "09A89384-FA35-492D-B25D-434A049D3A13", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F109E65-853A-4A56-A6B0-A40150805619", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*", matchCriteriaId: "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F32EECCC-1943-4C3C-BC2E-9E82EC79A94D", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*", matchCriteriaId: "1856BF12-5B8B-460C-951D-B48DAEFE93F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:kc300s2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47903BA2-E056-4320-A2D2-7BE2FB99B2C6", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:kc300s2:-:*:*:*:*:*:*:*", matchCriteriaId: "AEBCD870-BF04-4204-BE97-75C306732705", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:kc310s2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B321EA4-D48D-4579-8E5C-9A17BD18B9E0", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:kc310s2:-:*:*:*:*:*:*:*", matchCriteriaId: "F863D0B1-79D5-479C-92D0-F8D691E5E915", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:kc200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF85561-2455-4488-B8CA-D2355C91CBD0", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:kc200:-:*:*:*:*:*:*:*", matchCriteriaId: "3476F580-EC2B-40A3-AF3B-819708FDFA3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tapo_c200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E99E304-A052-416A-BE1E-3A97198BE328", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*", matchCriteriaId: "91B3D3B3-6E31-4F14-8DF5-0E3519C29DFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tapo_c100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A99C05D-55E4-4A7D-BE2E-CEDA67B4CB95", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tapo_c100:-:*:*:*:*:*:*:*", matchCriteriaId: "2654082E-60FA-48F9-B69C-0D334C91EA53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-sc3430_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00217A8B-AD8C-4D50-8785-98473BEAE2D6", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-sc3430:-:*:*:*:*:*:*:*", matchCriteriaId: "29E212C7-26B4-4645-869F-F5A95EA53B64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-sc3430n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F1FC76CA-8A7A-49F9-B403-8942CD573E1F", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-sc3430n:-:*:*:*:*:*:*:*", matchCriteriaId: "46C27C3B-BE49-4202-A477-4AD69B4D7302", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-sc4171g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F58A2506-C5BF-4BF2-9A92-25BB5EADC281", versionEndIncluding: "2020-02-09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-sc4171g:-:*:*:*:*:*:*:*", matchCriteriaId: "974F5AB4-9A68-4941-8E80-D18F36F167A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.", }, { lang: "es", value: "Las cámaras cloud de TP-Link hasta el 09-02-2020, permiten a atacantes remotos omitir la autenticación y conseguir información confidencial por medio de vectores que involucran una sesión Wi-Fi con GPS habilitado, también se conoce como CNVD-2020-04855.", }, ], id: "CVE-2020-11445", lastModified: "2024-11-21T04:57:55.907", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-01T04:15:13.630", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.cnvd.org.cn/flaw/show/1916613", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.cnvd.org.cn/flaw/show/1916613", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:44
Modified
2024-11-21 06:36
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tapo_c200_firmware | * | |
| tp-link | tapo_c200 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tapo_c200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21921DF3-4A0E-4668-8D46-94C753A68E8E", versionEndIncluding: "1.1.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*", matchCriteriaId: "91B3D3B3-6E31-4F14-8DF5-0E3519C29DFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.", }, { lang: "es", value: "La cámara IP TP-Link Tapo C200, en su versión de firmware 1.1.15 y anteriores, está afectada por una vulnerabilidad RCE no autenticada, presente en el binario uhttpd que es ejecutado por fallo como root. La explotación de esta vulnerabilidad permite a un atacante tomar el control total de la cámara", }, ], id: "CVE-2021-4045", lastModified: "2024-11-21T06:36:47.393", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "cve-coordination@incibe.es", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:44:51.300", references: [ { source: "cve-coordination@incibe.es", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html", }, { source: "cve-coordination@incibe.es", tags: [ "Third Party Advisory", ], url: "https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability", }, ], sourceIdentifier: "cve-coordination@incibe.es", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "cve-coordination@incibe.es", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-06 18:15
Modified
2025-01-08 16:15
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://tapo.com | Product | |
| cve@mitre.org | http://tp-link.com | Product | |
| cve@mitre.org | https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tapo.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tp-link.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tapo_c200_firmware | 1.2.2 | |
| tp-link | tapo_c200 | 3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tapo_c200_firmware:1.2.2:build_220725:*:*:*:*:*:*", matchCriteriaId: "C39386E6-329F-418D-8603-21B000694452", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tapo_c200:3:*:*:*:*:*:*:*", matchCriteriaId: "101FA54E-1A3D-4A38-BBD0-8DAFAC414EA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.", }, ], id: "CVE-2023-27126", lastModified: "2025-01-08T16:15:27.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-06T18:15:10.343", references: [ { source: "cve@mitre.org", tags: [ "Product", ], url: "http://tapo.com", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "http://tp-link.com", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "http://tapo.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "http://tp-link.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
cve-2023-49515
Vulnerability from cvelistv5
Published
2024-01-17 00:00
Modified
2024-08-02 22:01
Severity ?
EPSS score ?
Summary
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:tp-link:tapo_tc70_firmware:1.3.4:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tapo_tc70_firmware", vendor: "tp-link", versions: [ { status: "affected", version: "1.3.4", }, ], }, { cpes: [ "cpe:2.3:a:tp-link:tapo_c200_v3_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tapo_c200_v3_firmware", vendor: "tp-link", versions: [ { status: "affected", version: "1.3.4", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-49515", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-22T17:03:22.219740Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-922", description: "CWE-922 Insecure Storage of Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:27:49.172Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T22:01:24.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master", }, { tags: [ "x_transferred", ], url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-17T01:53:28.775606", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master", }, { url: "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-49515", datePublished: "2024-01-17T00:00:00", dateReserved: "2023-11-27T00:00:00", dateUpdated: "2024-08-02T22:01:24.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11445
Vulnerability from cvelistv5
Published
2020-04-01 03:57
Modified
2024-08-04 11:28
Severity ?
EPSS score ?
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cnvd.org.cn/flaw/show/1916613 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:28:13.879Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.cnvd.org.cn/flaw/show/1916613", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-01T03:57:55", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.cnvd.org.cn/flaw/show/1916613", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11445", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.cnvd.org.cn/flaw/show/1916613", refsource: "MISC", url: "https://www.cnvd.org.cn/flaw/show/1916613", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11445", datePublished: "2020-04-01T03:57:55", dateReserved: "2020-04-01T00:00:00", dateUpdated: "2024-08-04T11:28:13.879Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-27126
Vulnerability from cvelistv5
Published
2023-06-06 00:00
Modified
2025-01-08 15:47
Severity ?
EPSS score ?
Summary
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:01:32.381Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://tp-link.com", }, { tags: [ "x_transferred", ], url: "http://tapo.com", }, { tags: [ "x_transferred", ], url: "https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-27126", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:46:31.568551Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-522", description: "CWE-522 Insufficiently Protected Credentials", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:47:38.197Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-06T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "http://tp-link.com", }, { url: "http://tapo.com", }, { url: "https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-27126", datePublished: "2023-06-06T00:00:00", dateReserved: "2023-02-27T00:00:00", dateUpdated: "2025-01-08T15:47:38.197Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-4045
Vulnerability from cvelistv5
Published
2022-03-07 21:58
Modified
2024-09-17 02:57
Severity ?
EPSS score ?
Summary
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:16:04.263Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Tapo C200", vendor: "TP-Link", versions: [ { lessThanOrEqual: "1.15", status: "affected", version: "1.15", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Víctor Fresco Perales", }, ], datePublic: "2022-02-11T00:00:00", descriptions: [ { lang: "en", value: "TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-23T15:06:17", orgId: "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", shortName: "INCIBE", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html", }, ], solutions: [ { lang: "en", value: "This vulnerability has already been solved by TP-Link in Tapo C200 1.1.16 version.", }, ], source: { defect: [ "INCIBE-2021-0601", ], discovery: "EXTERNAL", }, title: "TP-LINK Tapo C200 remote code execution vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve-coordination@incibe.es", DATE_PUBLIC: "2022-02-11T11:00:00.000Z", ID: "CVE-2021-4045", STATE: "PUBLIC", TITLE: "TP-LINK Tapo C200 remote code execution vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Tapo C200", version: { version_data: [ { version_affected: "<=", version_name: "1.15", version_value: "1.15", }, ], }, }, ], }, vendor_name: "TP-Link", }, ], }, }, credit: [ { lang: "eng", value: "Víctor Fresco Perales", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability", refsource: "CONFIRM", url: "https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability", }, { name: "http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html", }, ], }, solution: [ { lang: "en", value: "This vulnerability has already been solved by TP-Link in Tapo C200 1.1.16 version.", }, ], source: { defect: [ "INCIBE-2021-0601", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", assignerShortName: "INCIBE", cveId: "CVE-2021-4045", datePublished: "2022-03-07T21:58:20.102267Z", dateReserved: "2021-12-02T00:00:00", dateUpdated: "2024-09-17T02:57:31.688Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }