Description
An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value.
References
https://github.com/hemant70072/Access-control-issue-in-TP-Link-Tapo-C200-V1.
ExploitThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.4 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2023-01-23T15:15:13.940
1 year agoLast modified
2023-08-08T14:21:49.707
11 months ago