Lucene search

PRIOn knowledge basePRION:CVE-2023-38909

HistoryAug 22, 2023 - 1:15 a.m.

Information disclosure

2023-08-2201:15:00

PRIOn knowledge base

www.prio-n.com

tplink

smart bulb

tapo

l530

v.1.0.0

aes128-cbc

information disclosure

remote attacker

nvd

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.

CPENameOperatorVersion
tapoeq2.8.14
tapo_l530e_firmwareeq1.0.0

CPE	Name	Operator	Version
	tapo	eq	2.8.14
	tapo_l530e_firmware	eq	1.0.0

References

arxiv.org/abs/2308.09019

arxiv.org/pdf/2308.09019.pdf

www.scitepress.org/Papers/2023/120929/120929.pdf

www.scitepress.org/PublicationsDetail.aspx?ID=X/auBv7JrSo=&t=1