Skip to main content

Tapo

7 CVEs product

Monthly

CVE-2025-9293 HIGH This Week

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication.

Information Disclosure Aginet Deco Festa Kasa +10
NVD
CVSS 4.0
7.7
EPSS
0.0%
CVE-2023-27098 HIGH POC This Week

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tapo
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-34829 MEDIUM POC This Month

Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tapo
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-38907 HIGH This Week

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tapo L530E Firmware Tapo
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-38909 MEDIUM POC This Month

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tapo Tapo L530E Firmware
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-38908 MEDIUM This Month

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tapo Tapo L530E Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-38906 MEDIUM This Month

An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tapo Tapo L530E Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
EPSS 0% CVSS 7.7
HIGH This Week

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication.

Information Disclosure Aginet Deco +12
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tapo
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tapo
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tapo L530E Firmware Tapo
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tapo Tapo L530E Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tapo Tapo L530E Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tapo Tapo L530E Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy