Vulnerability in TP-Link Devices Allows for Eavesdropping and Data Access
CVE-2024-46548
Currently unrated
Summary
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack.
References
Timeline
Vulnerability published