Description

An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value.

Related CPE's

o

tp-link

tapo_c200_v1_firmware

-

Vulnerable

h

tp-link

tapo_c200_v1

-

References

https://github.com/hemant70072/Access-control-issue-in-TP-Link-Tapo-C200-V1.

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-Other

CVSS impact metrics

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.4 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-01-23T15:15:13.940

1 year ago

Last modified

2023-08-08T14:21:49.707

11 months ago