Vulnerabilities > TP Link > Tapo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-27098 | Cleartext Storage of Sensitive Information vulnerability in Tp-Link Tapo TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel. | 7.5 |
| 2023-12-28 | CVE-2023-34829 | Cleartext Transmission of Sensitive Information vulnerability in Tp-Link Tapo 2.11.44/2.8.14 Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext. | 6.5 |
| 2023-09-25 | CVE-2023-38907 | Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages encrypted with a still valid session key. | 7.5 |
| 2023-08-22 | CVE-2023-38908 | Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function. low complexity tp-link | 6.5 |
| 2023-08-22 | CVE-2023-38909 | Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function. low complexity tp-link | 6.5 |
| 2023-08-22 | CVE-2023-38906 | Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message. low complexity tp-link | 6.5 |