Impersonation of Devices Allows Attacks in TP-Link MQTT Broker and API Gateway

CVE-2024-46549

Currently unrated 🤨

Key Information

Vendor
TP-Link
Vendor
CVE Published:
30 September 2024

Summary

An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users.

Refferences

Timeline

  • Vulnerability published

Collectors

NVD Database
.