Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tapo
(Tp\-Link)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-08-22 | CVE-2023-38906 | An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message. | Tapo, Tapo_l530e_firmware | 6.5 | ||
| 2023-08-22 | CVE-2023-38908 | An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function. | Tapo, Tapo_l530e_firmware | 6.5 | ||
| 2023-08-22 | CVE-2023-38909 | An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function. | Tapo, Tapo_l530e_firmware | 6.5 | ||
| 2023-09-25 | CVE-2023-38907 | An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages encrypted with a still valid session key. | Tapo, Tapo_l530e_firmware | 7.5 | ||
| 2024-01-09 | CVE-2023-27098 | TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel. | Tapo | 7.5 | ||
| 2023-12-28 | CVE-2023-34829 | Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext. | Tapo | 6.5 |