AI Score
Confidence
Low
EPSS
Percentile
15.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
TP-Link Tether versions prior to 4.5.13 and TP-Link Tapo versions prior to 3.3.6 do not properly validate certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
[
{
"vendor": "TP-Link ",
"product": "TP-Link Tether",
"versions": [
{
"status": "affected",
"version": "prior to 4.5.13"
}
]
},
{
"vendor": "TP-Link ",
"product": "TP-Link Tapo",
"versions": [
{
"status": "affected",
"version": "prior to 3.3.6"
}
]
}
]