12 matches found
CVE-2024-46548
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack...
CVE-2024-35495
An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic...
The vulnerability of the Telemetry component of TP-Link Tapo P125M and Kasa KP125M software devices allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Telemetry component in the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the protected...
The vulnerability of the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the insufficient protection of operational data, allowing attackers to execute a “man-in-the-middle” type attack.
The vulnerability of the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the insufficient protection of operational data. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...
The vulnerability of TP-Link’s MQTT Broker and API gateway software for micro-programmed TP-Link devices like the KP125M and Tapo P125M allows a malicious actor to gain increased privileges.
The vulnerability of TP-Link’s MQTT broker and API gateway, which are part of the micro-programming software for TP-Link Kasa KP125M and Tapo P125M devices, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remote...
CVE-2024-46548
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack...
CVE-2024-46548
CVE-2024-46548 affects TP-Link Tapo P125M and Kasa KP125M (v1.0.3). The root cause is improper validation of certificates, which can allow a remote attacker to perform a man‑in‑the‑middle attack to eavesdrop on communications and access sensitive information. Connected sources corroborate the imp...
CVE-2024-35495
An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic...
TP-LINK Kasa KP125M和TP-LINK Tapo P125M 安全漏洞
TP-LINK Kasa KP125M and TP-LINK Tapo P125M are both a smart plug from China P&L TP-LINK. A security vulnerability exists in TP-LINK Kasa KP125M v1.0.3 and TP-LINK Tapo P125M v1.0.2, which stems from incorrect validation of certificates, and can be exploited by an attacker to eavesdrop on...
CVE-2024-35495
An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic...
PT-2024-32030 · Tp Link · Kasa Kp125M +1
Name of the Vulnerable Software and Affected Versions: TP-Link Tapo P125M and Kasa KP125M version 1.0.3 Description: The issue allows attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack due to improper validation of certificates. Recommendation...
PT-2024-26517 · Tp Link · Tapo P125M +1
Name of the Vulnerable Software and Affected Versions: TP-Link Kasa KP125M version 1.0.0 Tapo P125M version 1.0.0 Build 220930 Rel.143947 Description: An Information Disclosure issue in the Telemetry component allows attackers to observe device state via observing network traffic. Recommendations...