CNNVD-202508-1712 Information
CNNVD ID
CNNVD-202508-1712
Related CVE
- CNNVD Published: 2025-08-14
Description (Chinese)
HomeAssistant-Tapo: Cameras Control是Juraj Nyíri个人开发者的一个Tapo摄像头控制器。 HomeAssistant-Tapo: Cameras Control存在代码注入漏洞,该漏洞源于GitHub Actions工作流中存在代码注入漏洞,可能导致在特权环境中执行任意命令。
Description (English)
HomeAssistant-Tapo: Cameras Control is a Tapo camera controller for Juraj Nyíri’s personal developer. HomeAssistant-Tapo: Cameras Control has a code-injecting loophole, which stems from a code-infibration gap in the GitHub Actions workflow, which may lead to arbitrary orders being executed in a privileged environment.
Hazard Level
High
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-08-14
Last Modified
2026-02-24
References
https://github.com/JurajNyiri/HomeAssistant-Tapo-Control/security/advisories/GHSA-xccg-43hx-c846 https://github.com/JurajNyiri/HomeAssistant-Tapo-Control/commit/2a3b80ff128ddf4f410c97dd47a94343792ce43c https://nvd.nist.gov/vuln/detail/CVE-2025-55192
Patch
https://github.com/JurajNyiri/HomeAssistant-Tapo-Control/releases
Share on: