CVE-2023-49515

2024-01-1700:00:00

mitre

www.cve.org

cve-2023-49515

insecure permissions

tp link tc70

tp link c200

wifi camera

firmware v.1.3.4

firmware v.1.3.11

physically proximate attacker

sensitive information

uart pin components

4.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON

Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.

References

github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART

github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master