Vulnerabilities (CVE)

Filtered by vendor Tp-link Subscribe
Filtered by product Tapo C200
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49515 1 Tp-link 4 Tapo C200, Tapo C200 Firmware, Tapo Tc70 and 1 more 2024-11-21 N/A 4.6 MEDIUM
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.
CVE-2023-27126 1 Tp-link 2 Tapo C200, Tapo C200 Firmware 2024-11-21 N/A 4.6 MEDIUM
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.
CVE-2023-27098 1 Tp-link 2 Tapo, Tapo C200 2024-11-21 N/A 7.5 HIGH
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
CVE-2021-4045 1 Tp-link 2 Tapo C200, Tapo C200 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
CVE-2020-11445 1 Tp-link 30 Kc200, Kc200 Firmware, Kc300s2 and 27 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.