IoT CVE-2025-14300
HIGH
CVSS Vector (NVD)
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (NVD)
The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS).
Analysis (AI)
Missing authentication on the HTTPS connectAP interface in TP-Link Tapo C200 V3 firmware (versions 1.3.3 through 1.4.1) allows adjacent network attackers to remotely reconfigure device Wi-Fi settings, causing a denial-of-service that persists until manual intervention. The vulnerability is an instance of CWE-306 (Missing Authentication for Critical Function) with CVSS 8.7 severity, requiring only adjacent network access with low attack complexity and no user interaction. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, though the technical barrier is minimal for LAN-positioned adversaries.
Technical Context (AI)
The Tapo C200 V3 is a consumer-grade pan-tilt-zoom IP camera running embedded Linux firmware. The vulnerability stems from CWE-306 (Missing Authentication for Critical Function), where the HTTPS management service exposes a 'connectAP' API endpoint that accepts Wi-Fi configuration changes without requiring authentication credentials. According to CPE data, affected products span TP-Link Tapo C200 firmware builds from 1.3.3 (Build 230228, February 2023) through 1.4.1 (Build 241212, December 2024), representing nearly two years of vulnerable releases. The CVSS 4.0 vector (AV:A/AC:L/PR:N/UI:N) confirms adjacent network attack vector with low complexity and no privilege requirements, indicating the API accepts unauthenticated HTTP/HTTPS requests from any client on the same network segment. This architectural flaw allows manipulation of critical device configuration parameters (specifically SSID, authentication credentials, and connection settings) through unprotected REST endpoints, violating fundamental secure-by-design principles for IoT management interfaces.
Remediation (AI)
TP-Link has published patched firmware addressing CVE-2025-14300 per security advisory FAQ 4849. Tapo C200 V3 owners should immediately upgrade to the latest firmware release available at https://www.tp-link.com/us/support/download/tapo-c200/v3/#Firmware-Release-Notes, applying updates through the Tapo mobile application (Settings > Device Settings > Firmware Update) or web management interface. Verify that the post-update firmware build number exceeds 241212 to confirm the patch was applied. Organizations unable to patch immediately should implement network segmentation controls: isolate Tapo cameras on dedicated VLAN segments with strict inter-VLAN routing policies preventing adjacent network access from untrusted clients, disable HTTPS management interfaces if remote administration is unnecessary, and deploy 802.1X port-based authentication or MAC address filtering to restrict Layer 2 access to camera subnets. For high-security deployments, consider replacing affected devices with enterprise-grade IP cameras offering role-based access control and authenticated API endpoints until vendor patch deployment is verified through penetration testing. Monitor network traffic for unusual HTTP POST requests to /connectAP endpoints as potential indicators of exploitation attempts.
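One way to apply the build-number check above across a camera inventory, as an added example (not TP-Link's code and not from this page). It assumes firmware strings of the form `1.4.1 Build 241212 Rel...` and a hypothetical inventory record layout (`name`, `hw`, `fw`); the sample devices, including the `9.9.9 Build 991231` placeholder, are constructed.

```python
import re

# Affected range as stated on this page (CPE data), inclusive.
FIRST_AFFECTED = ((1, 3, 3), 230228)
LAST_AFFECTED = ((1, 4, 1), 241212)

# Assumed firmware string layout: "<major>.<minor>.<patch> Build <YYMMDD> ..."
_FW_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\s+Build\s+(\d{6})", re.IGNORECASE)

def parse_firmware(fw):
    """Return ((major, minor, patch), build) or None if the string is unparsable."""
    m = _FW_RE.search(fw or "")
    if not m:
        return None
    major, minor, patch, build = (int(g) for g in m.groups())
    return (major, minor, patch), build

def classify(hw, fw):
    """Classify one device against the range this page lists for CVE-2025-14300."""
    if hw.strip().upper() != "V3":
        return "not-covered"          # this entry only describes the C200 V3
    parsed = parse_firmware(fw)
    if parsed is None:
        return "unknown"              # treat as needing a manual check
    if FIRST_AFFECTED <= parsed <= LAST_AFFECTED:
        return "affected"
    if parsed[1] > LAST_AFFECTED[1]:
        return "patched-build"        # build number exceeds 241212
    return "outside-listed-range"     # older than the range the page lists

def needs_action(inventory):
    """Names of devices that are affected or could not be verified."""
    return [d["name"] for d in inventory
            if classify(d["hw"], d["fw"]) in ("affected", "unknown")]

# Constructed sample inventory (hypothetical names, placeholder patched build).
SAMPLE = [
    {"name": "cam-lobby", "hw": "V3", "fw": "1.3.3 Build 230228 Rel.00000n"},
    {"name": "cam-dock",  "hw": "V3", "fw": "1.4.1 Build 241212 Rel.00000n"},
    {"name": "cam-lab",   "hw": "V3", "fw": "9.9.9 Build 991231 Rel.00000n"},
    {"name": "cam-attic", "hw": "V3", "fw": ""},
    {"name": "cam-shed",  "hw": "V1", "fw": "1.3.3 Build 230228 Rel.00000n"},
]

if __name__ == "__main__":
    for dev in SAMPLE:
        print(dev["name"], classify(dev["hw"], dev["fw"]))
```

Devices reported as `unknown` should be checked by hand in the Tapo app rather than assumed patched.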