Vulnerabilities > CVE-2022-41505 - Unspecified vulnerability in Tp-Link Tapo C200 V1 Firmware

CVSS 6.4 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

high complexity

tp-link

NVD

Published: 2023-01-23

Updated: 2023-08-08

Summary

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value.

Vulnerable Configurations

Part	Description	Count
OS	Tp-Link TP Link Tapo C200 V1 Firmware -	1
Hardware	Tp-Link TP Link Tapo C200 V1 -	1

References

https://github.com/hemant70072/Access-control-issue-in-TP-Link-Tapo-C200-V1.