Lucene search
China National Vulnerability DatabaseCNVD-2022-20078HistoryMar 14, 2022 - 12:00 a.m.
Tp-link Tapo C200 Command Injection Vulnerability
2022-03-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
41
0.251 Low
EPSS
Percentile
96.7%
A command injection vulnerability exists in Tp-link Tapo C200 1.1.15 and previous firmware versions, which is caused by the presence of a uhttpd binary file that runs as root by default and lacks filtering and escaping. An unauthenticated attacker could use this vulnerability to execute system commands on the system via special command requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| TP-LINK Tapo C200 | le | 1.1.15 |
Related
githubexploit
githubexploit
Exploit for Command Injection in Tp-Link Tapo C200 Firmware
2022-10-08 04:18:14
Exploit for Command Injection in Tp-Link Tapo C200 Firmware
2023-12-26 08:20:49
Exploit for Command Injection in Tp-Link Tapo C200 Firmware
2021-11-15 14:48:14
nvd
nvd
CVE-2021-4045
2022-03-10 17:44:51
zdt
zdt
TP-Link Tapo c200 1.1.15 - Remote Code Execution Exploit
2022-09-23 00:00:00
attackerkb
attackerkb
CVE-2021-4045
2022-02-11 00:00:00
prion
prion
Default configuration
2022-03-10 17:44:00
cve
cve
CVE-2021-4045
2022-03-10 17:44:51
cvelist
cvelist
CVE-2021-4045 TP-LINK Tapo C200 remote code execution vulnerability
2022-02-11 00:00:00
packetstorm
packetstorm
TP-Link Tapo c200 1.1.15 Remote Code Execution
2022-09-23 00:00:00
exploitdb
exploitdb
TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE)
2022-09-23 00:00:00
thn
thn
Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers
2022-04-04 07:09:00