CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-4045

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1020%
EPSS Percentile27.24th
Published2022年3月10日
Last Modified2024年11月21日

Vulnerability Description

TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.

Affected Platforms (CPE)

💻
Tp Link

Tapo C200 Firmware

<= 1.1.15

References & Advisories

🔗 http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html
🔗 https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability
🔗 http://packetstormsecurity.com/files/168472/TP-Link-Tapo-c200-1.1.15-Remote-Code-Execution.html
🔗 https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability

関連する脆弱性情報

CVE-2021-2328110.0

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM soft...

CVE-2021-024810.0

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks ...

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2021-224410.0

Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provide...