Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-3442

Summary
Assigner-CERT-In
Assigner Org ID-66834db9-ab24-42b4-be80-296b2e40335c
Published At-09 Apr, 2025 | 07:02
Updated At-11 Apr, 2025 | 05:33
Rejected At-
Credits

Information Disclosure Vulnerability in TP-Link Tapo IoT Smart Hub

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CERT-In
Assigner Org ID:66834db9-ab24-42b4-be80-296b2e40335c
Published At:09 Apr, 2025 | 07:02
Updated At:11 Apr, 2025 | 05:33
Rejected At:
▼CVE Numbering Authority (CNA)
Information Disclosure Vulnerability in TP-Link Tapo IoT Smart Hub

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.

Affected Products
Vendor
TP-Link Systems Inc.TP-Link
Product
Tapo H200 V1 IoT Smart Hub
Default Status
unaffected
Versions
Affected
  • <=1.4.0
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312: Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312: Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
4.04.4MEDIUM
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
Version: 4.0
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-37CAPEC-37 Retrieve Embedded Sensitive Data
CAPEC ID: CAPEC-37
Description: CAPEC-37 Retrieve Embedded Sensitive Data
Solutions

Upgrade TP-Link Tapo H200 V1 IoT Smart Hub to firmware version 1.5.0 or higher http://download.tplinkcloud.com/firmware/H200-up-ver1-5-0-P1[20250221-rel59821]-signed_1740997558340... http://download.tplinkcloud.com/firmware/H200-up-ver1-5-0-P1[20250221-rel59821]-signed_1740997558340.bin

Configurations
Workarounds
Exploits
Credits
finder
This vulnerability is reported by Shravan Singh, Ganesh Bakare, and Abhinav Giridhar from Mumbai, India.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0072
third-party-advisory
Hyperlink: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0072
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vdisclose@cert-in.org.in
Published At:09 Apr, 2025 | 07:15
Updated At:09 Apr, 2025 | 07:15

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.04.4MEDIUM
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-312Primaryvdisclose@cert-in.org.in
CWE ID: CWE-312
Type: Primary
Source: vdisclose@cert-in.org.in
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0072vdisclose@cert-in.org.in
N/A
Hyperlink: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0072
Source: vdisclose@cert-in.org.in
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2Records found
CVE-2024-10523
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.50%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 12:00
Updated-08 Nov, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Disclosure Vulnerability in TP-Link IoT Smart Hub

This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-tapo_h100_firmwaretapo_h100TP-Link Tapo H100 IoT Smart Hub
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-54127
Matching Score-6
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-6
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-4.3||MEDIUM
EPSS-0.02% / 3.82%
||
7 Day CHG~0.00%
Published-05 Dec, 2024 | 12:19
Updated-05 Dec, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-Archer C50 Wireless Router
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
Details not found