Vulnerabilites related to tp-link - nc210_firmware
CVE-2020-10231 (GCVE-0-2020-10231)
Vulnerability from cvelistv5
Published
2020-04-01 13:57
Modified
2024-08-04 10:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2020/Mar/54 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2020/Apr/5 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:39.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-10T19:06:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2020/Mar/54",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"name": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10231",
"datePublished": "2020-04-01T13:57:21",
"dateReserved": "2020-03-08T00:00:00",
"dateUpdated": "2024-08-04T10:58:39.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13224 (GCVE-0-2020-13224)
Vulnerability from cvelistv5
Published
2020-06-17 12:13
Modified
2024-08-04 12:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tp-link.com/us/security | x_refsource_MISC | |
| http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-17T12:13:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"url": "https://www.tp-link.com/us/security"
},
{
"name": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13224",
"datePublished": "2020-06-17T12:13:36",
"dateReserved": "2020-05-20T00:00:00",
"dateUpdated": "2024-08-04T12:11:19.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12109 (GCVE-0-2020-12109)
Vulnerability from cvelistv5
Published
2020-05-04 15:06
Modified
2024-08-04 11:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tp-link.com/us/security | x_refsource_MISC | |
| https://seclists.org/fulldisclosure/2020/May/2 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html | x_refsource_MISC | |
| http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T18:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"url": "https://www.tp-link.com/us/security"
},
{
"name": "https://seclists.org/fulldisclosure/2020/May/2",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"name": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"name": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12109",
"datePublished": "2020-05-04T15:06:51",
"dateReserved": "2020-04-23T00:00:00",
"dateUpdated": "2024-08-04T11:48:58.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12110 (GCVE-0-2020-12110)
Vulnerability from cvelistv5
Published
2020-05-04 13:49
Modified
2024-08-04 11:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
References
| ▼ | URL | Tags |
|---|---|---|
| https://seclists.org/fulldisclosure/2020/May/3 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-04T18:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://seclists.org/fulldisclosure/2020/May/3",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"name": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12110",
"datePublished": "2020-05-04T13:49:45",
"dateReserved": "2020-04-23T00:00:00",
"dateUpdated": "2024-08-04T11:48:58.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11445 (GCVE-0-2020-11445)
Vulnerability from cvelistv5
Published
2020-04-01 03:57
Modified
2024-08-04 11:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cnvd.org.cn/flaw/show/1916613 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-01T03:57:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cnvd.org.cn/flaw/show/1916613",
"refsource": "MISC",
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11445",
"datePublished": "2020-04-01T03:57:55",
"dateReserved": "2020-04-01T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 04:57
Severity ?
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.cnvd.org.cn/flaw/show/1916613 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cnvd.org.cn/flaw/show/1916613 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc450_firmware | * | |
| tp-link | nc450 | - | |
| tp-link | nc260_firmware | * | |
| tp-link | nc260 | - | |
| tp-link | nc250_firmware | * | |
| tp-link | nc250 | - | |
| tp-link | nc230_firmware | * | |
| tp-link | nc230 | - | |
| tp-link | nc220_firmware | * | |
| tp-link | nc220 | - | |
| tp-link | nc210_firmware | * | |
| tp-link | nc210 | - | |
| tp-link | nc200_firmware | * | |
| tp-link | nc200 | - | |
| tp-link | kc300s2_firmware | * | |
| tp-link | kc300s2 | - | |
| tp-link | kc310s2_firmware | * | |
| tp-link | kc310s2 | - | |
| tp-link | kc200_firmware | * | |
| tp-link | kc200 | - | |
| tp-link | tapo_c200_firmware | * | |
| tp-link | tapo_c200 | - | |
| tp-link | tapo_c100_firmware | * | |
| tp-link | tapo_c100 | - | |
| tp-link | tl-sc3430_firmware | * | |
| tp-link | tl-sc3430 | - | |
| tp-link | tl-sc3430n_firmware | * | |
| tp-link | tl-sc3430n | - | |
| tp-link | tl-sc4171g_firmware | * | |
| tp-link | tl-sc4171g | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "771BEC34-1944-43ED-B2FC-F5B03A1C68DA",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82A81BB5-61AF-4E19-AC96-5EE29DA03D59",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E74A2AC9-9873-4744-8A15-0771FD231FD7",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97853CD1-D3A6-4713-88CA-F679614AE8E6",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E12F8B78-776B-4DC7-84A7-CABC37028583",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F109E65-853A-4A56-A6B0-A40150805619",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EECCC-1943-4C3C-BC2E-9E82EC79A94D",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:kc300s2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47903BA2-E056-4320-A2D2-7BE2FB99B2C6",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:kc300s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBCD870-BF04-4204-BE97-75C306732705",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:kc310s2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B321EA4-D48D-4579-8E5C-9A17BD18B9E0",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:kc310s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F863D0B1-79D5-479C-92D0-F8D691E5E915",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:kc200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF85561-2455-4488-B8CA-D2355C91CBD0",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:kc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3476F580-EC2B-40A3-AF3B-819708FDFA3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tapo_c200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E99E304-A052-416A-BE1E-3A97198BE328",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B3D3B3-6E31-4F14-8DF5-0E3519C29DFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tapo_c100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A99C05D-55E4-4A7D-BE2E-CEDA67B4CB95",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tapo_c100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2654082E-60FA-48F9-B69C-0D334C91EA53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-sc3430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00217A8B-AD8C-4D50-8785-98473BEAE2D6",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-sc3430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29E212C7-26B4-4645-869F-F5A95EA53B64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-sc3430n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC76CA-8A7A-49F9-B403-8942CD573E1F",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-sc3430n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C27C3B-BE49-4202-A477-4AD69B4D7302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-sc4171g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F58A2506-C5BF-4BF2-9A92-25BB5EADC281",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-sc4171g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "974F5AB4-9A68-4941-8E80-D18F36F167A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
},
{
"lang": "es",
"value": "Las c\u00e1maras cloud de TP-Link hasta el 09-02-2020, permiten a atacantes remotos omitir la autenticaci\u00f3n y conseguir informaci\u00f3n confidencial por medio de vectores que involucran una sesi\u00f3n Wi-Fi con GPS habilitado, tambi\u00e9n se conoce como CNVD-2020-04855."
}
],
"id": "CVE-2020-11445",
"lastModified": "2024-11-21T04:57:55.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T04:15:13.630",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-17 13:15
Modified
2024-11-21 05:00
Severity ?
Summary
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.tp-link.com/us/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tp-link.com/us/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc200_firmware | * | |
| tp-link | nc200 | - | |
| tp-link | nc210_firmware | * | |
| tp-link | nc210 | - | |
| tp-link | nc220_firmware | * | |
| tp-link | nc220 | - | |
| tp-link | nc230_firmware | * | |
| tp-link | nc230 | - | |
| tp-link | nc250_firmware | * | |
| tp-link | nc250 | - | |
| tp-link | nc260_firmware | * | |
| tp-link | nc260 | - | |
| tp-link | nc450_firmware | * | |
| tp-link | nc450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D7C6FD-2B67-425B-9D48-630FEDC538BE",
"versionEndIncluding": "2.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91D46128-D59C-42A9-B61D-44EA99537561",
"versionEndIncluding": "1.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FD1508-2403-4086-B707-C9EEBDAC9B6D",
"versionEndIncluding": "1.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36109B57-6864-4742-AE6B-F00B68040CA2",
"versionEndIncluding": "1.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1880A8F-EFF4-49EC-8B49-1A01A8FD5F52",
"versionEndIncluding": "1.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A321BB22-14B8-4A7C-AE2A-2406079EADE3",
"versionEndIncluding": "1.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C98B9E3F-71C6-4C80-89B3-22B675BDE87C",
"versionEndIncluding": "1.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
},
{
"lang": "es",
"value": "Dispositivos TP-LINK NC200 versiones hasta 2.1.10 build 200401, dispositivos NC210 versiones hasta 1.0.10 build 200401, dispositivos NC220 versiones hasta 1.3.1 build 200401, dispositivos NC230 versiones hasta 1.3.1 build 200401, dispositivos NC250 versiones hasta 1.3.1 build 200401, dispositivos NC260 versiones hasta 1.5.3 build_200401, y los dispositivos NC450 versiones hasta 1.5.4 build 200401, presentan un desbordamiento de b\u00fafer"
}
],
"id": "CVE-2020-13224",
"lastModified": "2024-11-21T05:00:50.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-17T13:15:11.210",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-01 14:15
Modified
2024-11-21 04:55
Severity ?
Summary
TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2020/Apr/5 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2020/Mar/54 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Apr/5 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Mar/54 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc450_firmware | 1.1.1 | |
| tp-link | nc450_firmware | 1.1.2 | |
| tp-link | nc450_firmware | 1.1.6 | |
| tp-link | nc450_firmware | 1.5.0 | |
| tp-link | nc450 | - | |
| tp-link | nc260_firmware | 1.0.5 | |
| tp-link | nc260_firmware | 1.0.6 | |
| tp-link | nc260_firmware | 1.5.1 | |
| tp-link | nc260 | - | |
| tp-link | nc250_firmware | 1.3.0 | |
| tp-link | nc250 | - | |
| tp-link | nc230_firmware | 1.3.0 | |
| tp-link | nc230 | - | |
| tp-link | nc220_firmware | 1.1.12 | |
| tp-link | nc220_firmware | 1.1.12 | |
| tp-link | nc220_firmware | 1.1.14 | |
| tp-link | nc220_firmware | 1.2.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220 | - | |
| tp-link | nc210_firmware | 1.0.9 | |
| tp-link | nc210 | - | |
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.7 | |
| tp-link | nc200_firmware | 2.1.7 | |
| tp-link | nc200_firmware | 2.1.8 | |
| tp-link | nc200 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.1:160928:*:*:*:*:*:*",
"matchCriteriaId": "B5B6BC22-788F-42F1-A8D9-35CC1785F404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*",
"matchCriteriaId": "72C02D43-51C5-480B-8957-99C9202E87DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.6:161124:*:*:*:*:*:*",
"matchCriteriaId": "10DFDA3B-3612-4BF4-B4B7-855FC19C84FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.5.0:181022:*:*:*:*:*:*",
"matchCriteriaId": "C64558B8-45D8-4FC2-8B91-1ED8CBB2A7EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*",
"matchCriteriaId": "B4227D23-DF7F-484C-8508-341ED2744B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*",
"matchCriteriaId": "2E7D5E76-892D-46B1-BD46-BD34E0CDFC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.1:190805:*:*:*:*:*:*",
"matchCriteriaId": "F2429A7C-6BD0-4A7A-9A65-B21073E0DAF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.3.0:171205:*:*:*:*:*:*",
"matchCriteriaId": "36FBEC70-97B8-4475-A490-42D22F282E28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.3.0:171205:*:*:*:*:*:*",
"matchCriteriaId": "AACC8ACA-F69A-4C45-AD18-693C29365050",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.1.12:160321_a:*:*:*:*:*:*",
"matchCriteriaId": "F6D9115C-95B5-4C2A-B0DB-088FA17E065D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.1.12:160321_b:*:*:*:*:*:*",
"matchCriteriaId": "15F11009-27B3-489D-B967-1EDE839371CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.1.14:161219:*:*:*:*:*:*",
"matchCriteriaId": "A30AB76B-F4C0-4D38-A8B4-BBE38A86B8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*",
"matchCriteriaId": "456A7C77-6DDF-40E0-A972-669EDFB5D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*",
"matchCriteriaId": "5C11C3AF-540C-4DAF-BF69-96C394D4B43F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.9:171214:*:*:*:*:*:*",
"matchCriteriaId": "FB0CCCA4-9023-48FA-B8E7-178DDE664D5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_a:*:*:*:*:*:*",
"matchCriteriaId": "7AB44906-3ED9-40E3-BD20-7749CE33B8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*",
"matchCriteriaId": "C49E1583-39DF-4BFB-BB80-F9F2118DECB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.7:160315_a:*:*:*:*:*:*",
"matchCriteriaId": "5DDAB527-222A-4742-A630-414AA03FACFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.7:160315_b:*:*:*:*:*:*",
"matchCriteriaId": "22397902-2208-4208-89ED-E97B762E3344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.8:171109:*:*:*:*:*:*",
"matchCriteriaId": "CE2A26F6-53AA-4F2B-80D5-94EA9156C9B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link NC200 versiones hasta 2.1.8_Build_171109, NC210 versiones hasta 1.0.9_Build_171214, NC220 versiones hasta 1.3.0_Build_180105, NC230 versiones hasta 1.3.0_Build_171205, NC250 versiones hasta 1.3.0_Build_171205, NC260 versiones hasta 1.5.1_Build_190805, y NC450 versiones hasta 1.5.0_Build_181022, permiten una Desreferencia del Puntero NULL remota."
}
],
"id": "CVE-2020-10231",
"lastModified": "2024-11-21T04:55:00.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T14:15:14.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-04 16:15
Modified
2024-11-21 04:59
Severity ?
Summary
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.9 | |
| tp-link | nc200 | - | |
| tp-link | nc210_firmware | 1.0.3 | |
| tp-link | nc210_firmware | 1.0.4 | |
| tp-link | nc210_firmware | 1.0.9 | |
| tp-link | nc210 | - | |
| tp-link | nc220_firmware | 1.2.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220 | - | |
| tp-link | nc230_firmware | 1.0.3 | |
| tp-link | nc230_firmware | 1.2.1 | |
| tp-link | nc230_firmware | 1.3.0 | |
| tp-link | nc230 | - | |
| tp-link | nc250_firmware | 1.0.8 | |
| tp-link | nc250_firmware | 1.0.10 | |
| tp-link | nc250_firmware | 1.2.1 | |
| tp-link | nc250_firmware | 1.3.0 | |
| tp-link | nc250 | - | |
| tp-link | nc260_firmware | 1.0.5 | |
| tp-link | nc260_firmware | 1.0.6 | |
| tp-link | nc260_firmware | 1.4.1 | |
| tp-link | nc260_firmware | 1.5.0 | |
| tp-link | nc260_firmware | 1.5.2 | |
| tp-link | nc260 | - | |
| tp-link | nc450_firmware | 1.0.15 | |
| tp-link | nc450_firmware | 1.1.2 | |
| tp-link | nc450_firmware | 1.3.4 | |
| tp-link | nc450_firmware | 1.5.3 | |
| tp-link | nc450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*",
"matchCriteriaId": "C49E1583-39DF-4BFB-BB80-F9F2118DECB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.9:200225:*:*:*:*:*:*",
"matchCriteriaId": "91F2DC6B-5C4F-49DE-8464-78F750A09135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.3:160229:*:*:*:*:*:*",
"matchCriteriaId": "ACC9C2F6-C933-4EAC-AF64-743063F6CF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.4:160412:*:*:*:*:*:*",
"matchCriteriaId": "D2CA6ACA-92A7-4F9C-9897-8841FE8514E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.9:200304:*:*:*:*:*:*",
"matchCriteriaId": "12008577-3A10-4C23-A237-AC628D10D8E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*",
"matchCriteriaId": "456A7C77-6DDF-40E0-A972-669EDFB5D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*",
"matchCriteriaId": "5C11C3AF-540C-4DAF-BF69-96C394D4B43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "A47A572A-5DE5-46B2-A942-698286872029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.0.3:160108:*:*:*:*:*:*",
"matchCriteriaId": "AC051CDE-5054-4925-8D14-B286D01E46B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "CA09DB0A-47A0-44D9-AABD-2C335B502B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "BC2CCFDD-290A-46FA-9DC2-8CBAE96258DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.8:160108:*:*:*:*:*:*",
"matchCriteriaId": "488217FC-C02C-4AA3-AD0E-26679E5912FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.10:160321:*:*:*:*:*:*",
"matchCriteriaId": "D2E08C60-2422-4135-B02F-B605386DC314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "6EB1C532-D019-4EB8-93A0-15FE8DFC07B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "4BC014D7-461C-4B63-B79F-B41C55508027",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*",
"matchCriteriaId": "B4227D23-DF7F-484C-8508-341ED2744B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*",
"matchCriteriaId": "2E7D5E76-892D-46B1-BD46-BD34E0CDFC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.4.1:180720:*:*:*:*:*:*",
"matchCriteriaId": "C23AB02F-00DA-4844-96EE-6E3976BB5065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.0:181123:*:*:*:*:*:*",
"matchCriteriaId": "3F23255A-C021-4B25-86A8-029007EF4D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.2:200304:*:*:*:*:*:*",
"matchCriteriaId": "54C3D856-5E56-4539-8437-495DCA5CB59E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.0.15:160920:*:*:*:*:*:*",
"matchCriteriaId": "B98EA7FE-B277-44F1-99CD-393FB13D4CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*",
"matchCriteriaId": "72C02D43-51C5-480B-8957-99C9202E87DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.3.4:171130:*:*:*:*:*:*",
"matchCriteriaId": "B1755D43-FD92-4DAE-B438-711A665C5790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.5.3:200304:*:*:*:*:*:*",
"matchCriteriaId": "59F5150F-6D80-4B94-9EA6-A20EF1AC7060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
},
{
"lang": "es",
"value": "Ciertos dispositivos TP-Link permiten una inyecci\u00f3n de comandos. Esto afecta a NC200 versi\u00f3n 2.1.9 build 200225, NC210 versi\u00f3n 1.0.9 build 200304, NC220 versi\u00f3n 1.3.0 build 200304, NC230 versi\u00f3n 1.3.0 build 200304, NC250 versi\u00f3n 1.3.0 build 200304, NC260 versi\u00f3n 1.5.2 build 200304, y NC450 versi\u00f3n 1.5.3 build 200304."
}
],
"id": "CVE-2020-12109",
"lastModified": "2024-11-21T04:59:15.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-04T16:15:12.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-04 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://seclists.org/fulldisclosure/2020/May/3 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/fulldisclosure/2020/May/3 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.9 | |
| tp-link | nc200 | - | |
| tp-link | nc210_firmware | 1.0.3 | |
| tp-link | nc210_firmware | 1.0.4 | |
| tp-link | nc210_firmware | 1.0.9 | |
| tp-link | nc210 | - | |
| tp-link | nc220_firmware | 1.2.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220 | - | |
| tp-link | nc230_firmware | 1.0.3 | |
| tp-link | nc230_firmware | 1.2.1 | |
| tp-link | nc230_firmware | 1.3.0 | |
| tp-link | nc230 | - | |
| tp-link | nc250_firmware | 1.0.8 | |
| tp-link | nc250_firmware | 1.0.10 | |
| tp-link | nc250_firmware | 1.2.1 | |
| tp-link | nc250_firmware | 1.3.0 | |
| tp-link | nc250 | - | |
| tp-link | nc260_firmware | 1.0.5 | |
| tp-link | nc260_firmware | 1.0.6 | |
| tp-link | nc260_firmware | 1.4.1 | |
| tp-link | nc260_firmware | 1.5.0 | |
| tp-link | nc260_firmware | 1.5.2 | |
| tp-link | nc260 | - | |
| tp-link | nc450_firmware | 1.0.15 | |
| tp-link | nc450_firmware | 1.1.2 | |
| tp-link | nc450_firmware | 1.3.4 | |
| tp-link | nc450_firmware | 1.5.3 | |
| tp-link | nc450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*",
"matchCriteriaId": "C49E1583-39DF-4BFB-BB80-F9F2118DECB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.9:200225:*:*:*:*:*:*",
"matchCriteriaId": "91F2DC6B-5C4F-49DE-8464-78F750A09135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.3:160229:*:*:*:*:*:*",
"matchCriteriaId": "ACC9C2F6-C933-4EAC-AF64-743063F6CF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.4:160412:*:*:*:*:*:*",
"matchCriteriaId": "D2CA6ACA-92A7-4F9C-9897-8841FE8514E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.9:200304:*:*:*:*:*:*",
"matchCriteriaId": "12008577-3A10-4C23-A237-AC628D10D8E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*",
"matchCriteriaId": "456A7C77-6DDF-40E0-A972-669EDFB5D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*",
"matchCriteriaId": "5C11C3AF-540C-4DAF-BF69-96C394D4B43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "A47A572A-5DE5-46B2-A942-698286872029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.0.3:160108:*:*:*:*:*:*",
"matchCriteriaId": "AC051CDE-5054-4925-8D14-B286D01E46B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "CA09DB0A-47A0-44D9-AABD-2C335B502B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "BC2CCFDD-290A-46FA-9DC2-8CBAE96258DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.8:160108:*:*:*:*:*:*",
"matchCriteriaId": "488217FC-C02C-4AA3-AD0E-26679E5912FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.10:160321:*:*:*:*:*:*",
"matchCriteriaId": "D2E08C60-2422-4135-B02F-B605386DC314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "6EB1C532-D019-4EB8-93A0-15FE8DFC07B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "4BC014D7-461C-4B63-B79F-B41C55508027",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*",
"matchCriteriaId": "B4227D23-DF7F-484C-8508-341ED2744B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*",
"matchCriteriaId": "2E7D5E76-892D-46B1-BD46-BD34E0CDFC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.4.1:180720:*:*:*:*:*:*",
"matchCriteriaId": "C23AB02F-00DA-4844-96EE-6E3976BB5065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.0:181123:*:*:*:*:*:*",
"matchCriteriaId": "3F23255A-C021-4B25-86A8-029007EF4D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.2:200304:*:*:*:*:*:*",
"matchCriteriaId": "54C3D856-5E56-4539-8437-495DCA5CB59E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.0.15:160920:*:*:*:*:*:*",
"matchCriteriaId": "B98EA7FE-B277-44F1-99CD-393FB13D4CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*",
"matchCriteriaId": "72C02D43-51C5-480B-8957-99C9202E87DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.3.4:171130:*:*:*:*:*:*",
"matchCriteriaId": "B1755D43-FD92-4DAE-B438-711A665C5790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.5.3:200304:*:*:*:*:*:*",
"matchCriteriaId": "59F5150F-6D80-4B94-9EA6-A20EF1AC7060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
},
{
"lang": "es",
"value": "Determinados dispositivos TP-Link tienen una Clave de Cifrado Embebida. Esto afecta a NC200 versi\u00f3n 2.1.9 build 200225, N210 versi\u00f3n 1.0.9 build 200304, NC220 versi\u00f3n 1.3.0 build 200304, NC230 versi\u00f3n 1.3.0 build 200304, NC250 versi\u00f3n 1.3.0 build 200304, NC260 versi\u00f3n 1.5.2 build 200304, y NC450 versi\u00f3n 1.5.3 build 200304."
}
],
"id": "CVE-2020-12110",
"lastModified": "2024-11-21T04:59:16.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-04T14:15:13.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}