Lucene search

[email protected]NVD:CVE-2023-27098

HistoryJan 09, 2024 - 2:15 a.m.

CVE-2023-27098

2024-01-0902:15:44

CWE-312

[email protected]

web.nvd.nist.gov

tp-link tapo

apk

hardcoded credentials

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

44.3%

JSON

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.

Affected configurations

Nvd

Node

tp-linktapo_c200Match-

AND

tp-linktapoRange<2.11.44android

VendorProductVersionCPE
tp-linktapo_c200-cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*
tp-linktapo*cpe:2.3:a:tp-link:tapo:*:*:*:*:*:android:*:*

Vendor	Product	Version	CPE
tp-link	tapo_c200	-	cpe:2.3:h:tp-link:tapo_c200:-:::::::*
tp-link	tapo	*	cpe:2.3:a:tp-link:tapo::::::android::*

References

tp-lin.com

tp-link.com

github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098

www.tp-link.com/support/contact-technical-support/#LiveChat-Support

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

44.3%

JSON

Related for NVD:CVE-2023-27098

cvelist1 prion1 cve1