Tuya Smart Plug (Generic Wi-Fi Smart Plug)
From Wiki-IoT
Revision as of 21:22, 20 October 2025 by Jeandecian (talk | contribs)
Classification
| Tuya Smart Plug (Generic Wi-Fi Smart Plug) | |
|---|---|
| Classification | |
| Grade | F |
| Calculator version | 1 |
| Classification date | 2025-10-20 |
| Information | |
| Name | Tuya Smart Plug (Generic Wi-Fi Plug, ESP8266/WB2S, white-label) |
| Brand by Parent | Tuya (OEM/ODM) by Tuya Inc. |
| Generation | 2nd (WB2S replaces ESP8266) |
| Model(s) | WB2S module inside, e.g., SH-P01, KS-602S, etc. |
| Release date | 2019-11-11 |
| Type/Category | Smart outlet (Wi-Fi controlled) |
| Website | [1] |
| Status | In sale |
| More | |
| Dimensions | 55 × 55 × 52 mm (typical EU plug) |
| Mass | 65 g |
| Operating system | TuyaOS-Lite (FreeRTOS-based) on WB2S |
| Companion App | Tuya Smart / Smart Life (iOS/Android) |
| CPU | ARM Cortex-A7 @ 720 MHz (NXP i.MX6 UltraLite) |
| GPU | None |
| Memory | 256 KB SRAM + 2 MB XIP flash (chip-package) |
| Storage | 2 MB XIP flash (no encryption) |
| Battery | None |
| Power | 230 V AC, max 16 A, standby ≤ 0.5 W |
| Charging | Not applicable |
| Display | 1 hidden RGB LED (status) |
| Camera | None |
| Sound | None |
| Connectivity | Wi-Fi 4 (802.11 b/g/n) 2.4 GHz only, no BLE/Ethernet |
| Device | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Known hardware tampering | Very common | [2] | Plastic case snaps open; WB2S UART pins labelled & accessible |
| Known vulnerabilities | Very common | [3] | WB2S TuyaOS ≤ 2.9.5 stack overflow (remote code exec) patched 2021-09 |
| Prior attacks | Very common | [4] | Mirai off-shoot “Tuyai” botnet brute-forces Tuya plugs via weak creds |
| Updatability | Rare | [5] | OTA exists but vendor must push; white-label sellers rarely update |
| Category score | 3 | ||
| System | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Authentication with other systems | Partial | [6] | Local web server on 10.42.42.1 no login required for config dump |
| Communications | Encrypted with obselete encryption | [7] | TLS 1.1, hard-coded cert, AES-ECB key reused across devices |
| Storage | No encryption | [8] | Flash dump in plaintext; Wi-Fi creds stored in clear text |
| Category score | 3 | ||
| User Authentication | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Account management | Basic | [9] | Tuya STuya Smart app login only; no 2FA on device levelmart app login only; no 2FA on device level |
| Authentication | Basic | [10] | SamsTuya Smart app login only; no 2FA on device levelung-account + 2FA (TOTP, WebAuthn, push) |
| Brute-force protection | Absent | [11] | AccoNo lock-out, no CAPTCHA; Mirai dictionaries workunt lock-out & CAPTCHA after 5 failed attempts |
| Event logging | Partial logging | [12] | App shows on/off events; no syslog, no failed-login log |
| Passwords | Default/Common/Easy to guess | [13] | Many sellers ship with admin/admin; no forced change, no complexity |
| Category score | 3 | ||
| Grade | F |
|---|
