CVE-2023-27098

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:tp-link:tapo:*:*:*:*:*:android:*:*
cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:52

Type Values Removed Values Added
References () http://tp-lin.com - Broken Link () http://tp-lin.com - Broken Link
References () http://tp-link.com - Product () http://tp-link.com - Product
References () https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 - Exploit, Third Party Advisory () https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 - Exploit, Third Party Advisory
References () https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support - Product () https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support - Product

12 Jan 2024, 19:14

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References () http://tp-lin.com - () http://tp-lin.com - Broken Link
References () https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support - () https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support - Product
References () http://tp-link.com - () http://tp-link.com - Product
References () https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 - () https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 - Exploit, Third Party Advisory
CPE cpe:2.3:a:tp-link:tapo:*:*:*:*:*:android:*:*
cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*
CWE CWE-312
First Time Tp-link tapo
Tp-link tapo C200
Tp-link

09 Jan 2024, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-09 02:15

Updated : 2024-11-21 07:52


NVD link : CVE-2023-27098

Mitre link : CVE-2023-27098

CVE.ORG link : CVE-2023-27098


JSON object : View

Products Affected

tp-link

  • tapo_c200
  • tapo
CWE
CWE-312

Cleartext Storage of Sensitive Information