CVE-2025-14300
Published: 20 December 2025
Description
The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS).
Mitigating Controls (NIST 800-53 r5) [AI]
AC-14 requires identifying and restricting the actions permitted without identification or authentication, so sensitive functions like the connectAP interface are not left open to unauthorized Wi-Fi configuration modifications by local attackers.
AC-3 enforces approved authorizations for access to system resources such as the HTTPS service endpoints, blocking unauthenticated requests that modify device configuration.
AC-6 enforces least privilege, ensuring unauthenticated entities on the local network cannot access or alter Wi-Fi settings via the exposed interface.
Security Summary [AI]
CVE-2025-14300 is a missing authentication vulnerability (CWE-306) in the HTTPS service on the TP-Link Tapo C200 V3 camera. The service exposes a connectAP interface without proper authentication checks, allowing unauthorized access to sensitive device configuration endpoints. This flaw has a CVSS v3.1 base score of 8.1 (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H), indicating high severity due to its potential for integrity and availability impacts with low complexity and no privileges required.
An unauthenticated attacker on the same local network segment can exploit this vulnerability by sending crafted requests to the exposed interface. Successful exploitation enables modification of the device's Wi-Fi configuration, leading to loss of connectivity and a denial-of-service (DoS) condition on the affected camera.
TP-Link has addressed this issue through firmware updates available on their support download pages for the Tapo C200 V3 and related models such as Tapo C100 V5, including release notes at the provided URLs. Additional mitigation guidance is detailed in their support FAQ 4849.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
Missing authentication in the HTTPS service enables exploitation of a remote service (T1210) to make unauthorized configuration changes, specifically to Wi-Fi settings, resulting in endpoint DoS via application exploitation (T1499.004).