Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:37 a.m.4 views

CVE-2024-46548

TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack...

6.3CVSS6.8AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.6 views

CVE-2024-35495

An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic...

4.3CVSS6.8AI score0.00181EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/12 12:0 a.m.5 views

The vulnerability of the Telemetry component of TP-Link Tapo P125M and Kasa KP125M software devices allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Telemetry component in the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the protected...

5CVSS5.5AI score0.00181EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/03/10 12:0 a.m.5 views

The vulnerability of the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the insufficient protection of operational data, allowing attackers to execute a “man-in-the-middle” type attack.

The vulnerability of the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the insufficient protection of operational data. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

7.5CVSS5.7AI score0.00147EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/03/10 12:0 a.m.6 views

The vulnerability of TP-Link’s MQTT Broker and API gateway software for micro-programmed TP-Link devices like the KP125M and Tapo P125M allows a malicious actor to gain increased privileges.

The vulnerability of TP-Link’s MQTT broker and API gateway, which are part of the micro-programming software for TP-Link Kasa KP125M and Tapo P125M devices, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remote...

8CVSS5.5AI score0.00341EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/30 12:0 a.m.12 views

CVE-2024-46548

TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack...

0.00147EPSS
Exploits0References1
CVE
CVE
added 2024/09/30 12:0 a.m.42 views

CVE-2024-46548

CVE-2024-46548 affects TP-Link Tapo P125M and Kasa KP125M (v1.0.3). The root cause is improper validation of certificates, which can allow a remote attacker to perform a man‑in‑the‑middle attack to eavesdrop on communications and access sensitive information. Connected sources corroborate the imp...

6.3CVSS6.8AI score0.00147EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/30 12:0 a.m.13 views

CVE-2024-35495

An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic...

6.9AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/30 12:0 a.m.2 views

TP-LINK Kasa KP125M和TP-LINK Tapo P125M 安全漏洞

TP-LINK Kasa KP125M and TP-LINK Tapo P125M are both a smart plug from China P&L TP-LINK. A security vulnerability exists in TP-LINK Kasa KP125M v1.0.3 and TP-LINK Tapo P125M v1.0.2, which stems from incorrect validation of certificates, and can be exploited by an attacker to eavesdrop on...

6.3CVSS6.5AI score0.00147EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/30 12:0 a.m.16 views

CVE-2024-35495

An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic...

0.00181EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/20 12:0 a.m.3 views

PT-2024-32030 · Tp Link · Kasa Kp125M +1

Name of the Vulnerable Software and Affected Versions: TP-Link Tapo P125M and Kasa KP125M version 1.0.3 Description: The issue allows attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack due to improper validation of certificates. Recommendation...

7.5CVSS6.8AI score0.00147EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.6 views

PT-2024-26517 · Tp Link · Tapo P125M +1

Name of the Vulnerable Software and Affected Versions: TP-Link Kasa KP125M version 1.0.0 Tapo P125M version 1.0.0 Build 220930 Rel.143947 Description: An Information Disclosure issue in the Telemetry component allows attackers to observe device state via observing network traffic. Recommendations...

5CVSS6.8AI score0.00181EPSS
Exploits0References9
Rows per page
Query Builder