CVE-2025-14300
- Source
- https://cve.org/CVERecord?id=CVE-2025-14300
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14300.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-14300
- Published
- 2025-12-20T01:16:03.133Z
- Modified
- 2026-03-15T21:45:24.649268Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS).
- References
Affected packages
Git /
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14300.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.3-build_230228"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.4-build_230424"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.5-build_230717"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.7-build_230920"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.9-build_231019"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.11-build_231115"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.13-build_240327"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.14-build_240513"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.15-build_240715"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.1-build_241212"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2-build_250313"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.4-build_250922"
}
]
}
]