Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2025-14553

Exposure of password hashes through an unauthenticated API response in TP-Link Tapo C210 V.1.8 app on iOS and Android, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged.

Published: Dec 16, 2025
Updated: Dec 17, 2025
CVE: CVE-2025-14553
Exploit:

No technical information available.

CWEs:

CWE-200

Affected Software
References

No affected software listed.

https://apps.apple.com/us/app/tp-link-tapo/id1472718009
https://play.google.com/store/apps/details?id=com.tplink.iot
https://www.tp-link.com/us/support/faq/4840/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo