agatah2333

3 exploits Active since Sep 2024
CVE-2024-35495 WRITEUP MEDIUM WRITEUP
TP-Link Kasa KP125M/Tapo P125M <1.0.0 - Info Disclosure
An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.143947 allows attackers to observe device state via observing network traffic.
CVSS 4.3
CVE-2024-46548 WRITEUP MEDIUM WRITEUP
TP-Link Tapo P125M & Kasa KP125M v1.0.3 - Info Disclosure
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack.
CVSS 6.3
CVE-2024-46549 WRITEUP HIGH WRITEUP
TP-Link Kasa KP125M <1.0.3 - Open Redirect
An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users.
CVSS 7.6