CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-10523

This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.7%

CVSS Severity

CVSS v3 Score 4.6

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0331

Products affected by CVE-2024-10523

Tp-Link » Tapo H100 » Version: 1.0

cpe:2.3:h:tp-link:tapo_h100:1.0
Tp-Link » Tapo H100 Firmware » Version: N/A

cpe:2.3:o:tp-link:tapo_h100_firmware:-
Tp-Link » Tapo H100 Firmware » Version: 1.3.9

cpe:2.3:o:tp-link:tapo_h100_firmware:1.3.9
Tp-Link » Tapo H100 Firmware » Version: 1.5.10

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.10
Tp-Link » Tapo H100 Firmware » Version: 1.5.12

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.12
Tp-Link » Tapo H100 Firmware » Version: 1.5.16

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.16
Tp-Link » Tapo H100 Firmware » Version: 1.5.20

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.20
Tp-Link » Tapo H100 Firmware » Version: 1.5.4

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.4
Tp-Link » Tapo H100 Firmware » Version: 1.5.5

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.5
Tp-Link » Tapo H100 Firmware » Version: 1.5.6

cpe:2.3:o:tp-link:tapo_h100_firmware:1.5.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-10523

Products

Pricing

Contact Us