CVE-2023-27098

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:tp-link:tapo:*:*:*:*:*:android:*:*
cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*

History

12 Jan 2024, 19:14

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References () http://tp-lin.com - () http://tp-lin.com - Broken Link
References () https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support - () https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support - Product
References () http://tp-link.com - () http://tp-link.com - Product
References () https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 - () https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 - Exploit, Third Party Advisory
CWE CWE-312
First Time Tp-link tapo
Tp-link tapo C200
Tp-link
CPE cpe:2.3:a:tp-link:tapo:*:*:*:*:*:android:*:*
cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*

09 Jan 2024, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-09 02:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-27098

Mitre link : CVE-2023-27098

CVE.ORG link : CVE-2023-27098


JSON object : View

Products Affected

tp-link

  • tapo
  • tapo_c200
CWE
CWE-312

Cleartext Storage of Sensitive Information