CVE-2025-3442
Description
This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-3442? +
How do I check if I'm vulnerable to CVE-2025-3442? +
Related Vulnerabilities
The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows …
next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of …
PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are …
This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An …
Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who gain access to local …
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet …