Description

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value.

Related CPE's

o

tp-link

tapo_c200_v1_firmware

-

Vulnerable

h

tp-link

tapo_c200_v1

-

References

https://github.com/hemant70072/Access-control-issue-in-TP-Link-Tapo-C200-V1.

ExploitThird Party Advisory

https://github.com/hemant70072/Access-control-issue-in-TP-Link-Tapo-C200-V1.

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-Other

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-306

CVSS impact metrics

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.4 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-23T14:15:13.940Z

2 years ago

Last modified

2025-04-03T13:15:42.463Z

9 months ago