Remote Information Disclosure Vulnerability in TPLink Smart Bulb Tapo Series L530 v.1.0.0 and Tapo Application v.2.8.14

Remote Information Disclosure Vulnerability in TPLink Smart Bulb Tapo Series L530 v.1.0.0 and Tapo Application v.2.8.14

CVE-2023-38907 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages encrypted with a still valid session key.

Learn more about our Web Application Penetration Testing UK.