PT-2023-6702 · Tp Link · Tp-Link Tapo C100

Aden Yap · Published 2023-06-01 · Updated 2023-11-08 · CVE-2023-39610

CVSS v3.1: 6.5 Medium

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: TP-Link Tapo C100 versions 1.1.15 Build 211130 Rel.15378n(4555) and before

Description: The issue is related to the HTTP service of the TP-Link Tapo C100 IP camera's firmware, specifically with the handling of CRLF sequences in HTTP headers. This can be exploited by an attacker to cause a Denial of Service (DoS) via crafted web requests.

Recommendations: For TP-Link Tapo C100 versions 1.1.15 Build 211130 Rel.15378n(4555) and before, consider disabling the HTTP service until a patch is available to prevent potential Denial of Service (DoS) attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Improper Resource Release

Weakness Enumeration

Related Identifiers

BDU:2023-07473
CVE-2023-39610

Affected Products

Tp-Link Tapo C100