CVE-2023-38906

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 22, 2023
Updated: May 7, 2024

Summary

CVE-2023-38906 is a vulnerability affecting multiple TP-Link Smart Bulb and Camera models, as well as the Tapo Application. The issue enables a remote attacker to obtain sensitive information through manipulation of the authentication code contained within UDP messages, according to the description. This vulnerability could potentially lead to unauthorized access to user data and privacy breaches. Affected devices include L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, C200 1.1.18, and Tapo Application 2.8.14. Users are advised to update their devices to the latest patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • TP-Link Tapo

Affected Vendors

  • TP-LINK Technologies Co Ltd