C320WS vulnerability

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

C320WS vulnerability

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
C320WS vulnerability
C320WS vulnerability
2023-06-29 08:34:51
Tags: #Vulnerability
Model: Tapo C320WS  
Hardware Version: V2
Firmware Version: 1.0.5

Was thinking how great this camera was, until I accidentally disconnected the ethernet cable one day. The camera continues working but it starts emitting its own open(!) WiFi to which anyone in the neighborhood can connect and add the camera to their own tapo app/account without needing any info that could only be obtained if having the camera in physical possession(proof of ownership)...

 

This is INSANE! Someone knocks the camera off network and suddenly it’s open for everyone!?!?!?

 

How about making its own setup-WiFi password protected? instead open?!?

How about not even entering the setup mode unless a removal from existing account has been initiated first?

Or physical reset button has been pressed?!??

 

Instead you initiate (OPEN for everyone) setup mode on a network drop!

 

Fix this as soon as possible! 

  0      
  0      
#1
Options
2 Reply
Re:C320WS vulnerability
2023-06-30 09:59:46

  @NathanNever 

Hi,
Thank you for your feedback.
We have reported the issue to the tech team, and they will likely reach out to you via email to continue troubleshooting your issue. Please check your email box and confirm.
Best Regards

  0  
  0  
#2
Options
Re:C320WS vulnerability
2023-07-06 07:37:24

Hi,

For Tapo C320WS users who may also want to connect the camera to your network with a wired connection, we would like to recommend setting up both the Wired and Wi-Fi connections on your Tapo C320WS camera, even if you only intend to use the wired connection. By enabling both connections, the camera will seamlessly switch to Wi-Fi if the wired connection is disconnected. Additionally, when the wired connection is disconnected or your home Wi-Fi network disappears, the camera will no longer broadcast the default SSID.

We understand the importance of providing a reliable and safe connection to our Tapo users, and our team is dedicated to analyzing and resolving any reported issues promptly to continuously improve our products and deliver the best performance possible. Thank you for your understanding and continued support. If you have any further questions or require assistance, please don't hesitate to reach out to our support team.

Best Regards

  2  
  2  
#3
Options