Summary
Detail | |||
---|---|---|---|
Vendor | Tp-Link | First view | 2020-04-01 |
Product | Tapo c200 Firmware | Last view | 2023-06-06 |
Version | 1.2.2 | Type | Os |
Update | build_220725 | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:tp-link:tapo_c200_firmware |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.6 | 2023-06-06 | CVE-2023-27126 | The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim. |
5.3 | 2020-04-01 | CVE-2020-11445 | TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-522 | Insufficiently Protected Credentials |