Vulnerabilities > TP Link > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-10523 Cleartext Storage of Sensitive Information vulnerability in Tp-Link Tapo H100 Firmware
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware.
low complexity
tp-link CWE-312
4.6
2024-01-17 CVE-2023-49515 Unspecified vulnerability in Tp-Link Tapo C200 Firmware and Tapo Tc70 Firmware
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components.
low complexity
tp-link
4.6
2023-12-28 CVE-2023-34829 Cleartext Transmission of Sensitive Information vulnerability in Tp-Link Tapo 2.11.44/2.8.14
Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext.
low complexity
tp-link CWE-319
6.5
2023-10-31 CVE-2023-39610 Resource Exhaustion vulnerability in Tp-Link Tapo C100 Firmware 1.1.15
An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted web request.
low complexity
tp-link CWE-400
6.5
2023-08-22 CVE-2023-38908 Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function.
low complexity
tp-link
6.5
2023-08-22 CVE-2023-38909 Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.
low complexity
tp-link
6.5
2023-08-22 CVE-2023-38906 Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware
An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message.
low complexity
tp-link
6.5
2023-06-06 CVE-2023-27126 Insufficiently Protected Credentials vulnerability in Tp-Link Tapo C200 Firmware 1.2.2
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras.
low complexity
tp-link CWE-522
4.6
2023-05-19 CVE-2023-31756 OS Command Injection vulnerability in Tp-Link Archer Vr1600V Firmware 0.1.00.9.1V5006.0Build200810Rel.53181N
A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0.
local
low complexity
tp-link CWE-78
6.7
2023-05-11 CVE-2023-2646 Unspecified vulnerability in Tp-Link Archer C7 Firmware 180114
A vulnerability has been found in TP-Link Archer C7v2 v2_en_us_180114 and classified as problematic.
low complexity
tp-link
6.5