Lucene search

Tapo C200 Firmware Security Vulnerabilities

cve

CVE-2020-11445

TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.

5.3CVSS

5.3AI Score

0.001EPSS

2020-04-01 04:15 AM

cve

CVE-2021-4045

TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.

9.8CVSS

9.3AI Score

0.251EPSS

2022-03-10 05:44 PM

In Wild

cve

CVE-2023-27126

The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the vi...

4.6CVSS

4.7AI Score

0.001EPSS

2023-06-06 06:15 PM

cve

CVE-2023-49515

Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.

4.6CVSS

4.4AI Score

0.0004EPSS

2024-01-17 02:15 AM