Massive ORB Proxy Networks Used by State Threat Actors to Evade Detection
May 24, 2024APT32 SeaLotus aka OceanLotus Group – Active IOCs
May 24, 2024Massive ORB Proxy Networks Used by State Threat Actors to Evade Detection
May 24, 2024APT32 SeaLotus aka OceanLotus Group – Active IOCs
May 24, 2024Severity
Medium
Analysis Summary
CVE-2024-31340
TP-Link Tether and TP-Link Tapo is vulnerable to a man-in-the-middle attack, caused by improper server certificate verification. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and eavesdrop on an encrypted communication.
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-31340
Affected Vendors
Affected Products
- TP-Link Tether
- TP-Link Tapo
Remediation
Refer to TP-Link Website for patch, upgrade, or suggested workaround information.