Tp-Link: >> Tapo C200 Firmware >> 1.2.2 Security Vulnerabilities
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim.
CVSS Score
4.6
EPSS Score
0.0
Published
2023-06-06
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-04-01