TP-Link Tapo C200 V3
Moderate fix1 remedy
cpe:2.3:h:tp-link:tapo_c200:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
- < Tapo C200(US)_V3_1.4.5 Build 251104
TP-Link Tapo C200 V3 Unauthenticated Access to Wi-Fi Configuration API Endpoint
Vulnerability
Patched
A vulnerability exists in the Tapo C200 V3 camera model, where the HTTPS service exposes a connectAP interface without proper authentication. This flaw allows an unauthenticated attacker on the same local network segment to exploit the vulnerability by modifying the device's Wi-Fi configuration. The exploitation of this vulnerability can lead to a loss of connectivity and cause a denial-of-service condition on the device.
Impact
Exploitation of this vulnerability allows for unauthorized modification of the device's Wi-Fi settings, causing a loss of network connectivity and creating a denial-of-service condition on the device.
Remediation
Users are advised to check for updates on the Tapo Mobile Application to address this vulnerability. The latest firmware version can be downloaded from the TP-Link website.
Added: Dec 20, 2025, 1:18 AM
Updated: Dec 20, 2025, 1:18 AM
Vulnerability Rating
Custom Algorithm
spread
5.7impact
3.1exploitability
4.9remediation
7.7relevance
1.5threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.