Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (30 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-27126 1 Tp-link 2 Tapo C200, Tapo C200 Firmware 2025-01-08 4.6 Medium
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.
CVE-2023-49515 1 Tp-link 4 Tapo C200, Tapo C200 Firmware, Tapo Tc70 and 1 more 2024-11-21 4.6 Medium
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.
CVE-2023-39610 1 Tp-link 2 Tapo C100, Tapo C100 Firmware 2024-11-21 6.5 Medium
An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted web request.
CVE-2023-38909 1 Tp-link 3 Tapo, Tapo L530e, Tapo L530e Firmware 2024-11-21 6.5 Medium
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.
CVE-2023-38908 1 Tp-link 3 Tapo, Tapo L530e, Tapo L530e Firmware 2024-11-21 6.5 Medium
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function.
CVE-2023-38907 1 Tp-link 3 Tapo, Tapo L530e, Tapo L530e Firmware 2024-11-21 7.5 High
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages encrypted with a still valid session key.
CVE-2023-38906 1 Tp-link 3 Tapo, Tapo L530e, Tapo L530e Firmware 2024-11-21 6.5 Medium
An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message.
CVE-2021-4045 1 Tp-link 2 Tapo C200, Tapo C200 Firmware 2024-11-21 9.8 Critical
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
CVE-2020-11445 1 Tp-link 30 Kc200, Kc200 Firmware, Kc300s2 and 27 more 2024-11-21 5.3 Medium
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
CVE-2024-10523 1 Tp-link 2 Tapo H100, Tapo H100 Firmware 2024-11-08 4.6 Medium
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.