Primary

Context

TP-Link Tapo D230S1 Root Access Vulnerability via UART

Vulnerability

A vulnerability allowing root access has been identified in the TP-Link Tapo D230S1 model, specifically in version 1.20 prior to 1.2.2 Build 20250907. This issue arises from physical access to the device, where an attacker can connect to the UART port to gain root privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized root access, allowing an attacker to control the device with full administrative rights.

Remediation

Users are advised to update to the latest firmware version 1.2.2 Build 20250907. Instructions for updating can be found on the TP-Link support website.

Added: Sep 30, 2025, 12:18 PM

Updated: Sep 30, 2025, 2:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TP-Link Tapo D230S1 Root Access Vulnerability via UART

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating