Search criteria
15 vulnerabilities found for nc220_firmware by tp-link
FKIE_CVE-2020-13224
Vulnerability from fkie_nvd - Published: 2020-06-17 13:15 - Updated: 2024-11-21 05:00
Severity ?
Summary
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.tp-link.com/us/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tp-link.com/us/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc200_firmware | * | |
| tp-link | nc200 | - | |
| tp-link | nc210_firmware | * | |
| tp-link | nc210 | - | |
| tp-link | nc220_firmware | * | |
| tp-link | nc220 | - | |
| tp-link | nc230_firmware | * | |
| tp-link | nc230 | - | |
| tp-link | nc250_firmware | * | |
| tp-link | nc250 | - | |
| tp-link | nc260_firmware | * | |
| tp-link | nc260 | - | |
| tp-link | nc450_firmware | * | |
| tp-link | nc450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D7C6FD-2B67-425B-9D48-630FEDC538BE",
"versionEndIncluding": "2.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91D46128-D59C-42A9-B61D-44EA99537561",
"versionEndIncluding": "1.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FD1508-2403-4086-B707-C9EEBDAC9B6D",
"versionEndIncluding": "1.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36109B57-6864-4742-AE6B-F00B68040CA2",
"versionEndIncluding": "1.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1880A8F-EFF4-49EC-8B49-1A01A8FD5F52",
"versionEndIncluding": "1.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A321BB22-14B8-4A7C-AE2A-2406079EADE3",
"versionEndIncluding": "1.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C98B9E3F-71C6-4C80-89B3-22B675BDE87C",
"versionEndIncluding": "1.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
},
{
"lang": "es",
"value": "Dispositivos TP-LINK NC200 versiones hasta 2.1.10 build 200401, dispositivos NC210 versiones hasta 1.0.10 build 200401, dispositivos NC220 versiones hasta 1.3.1 build 200401, dispositivos NC230 versiones hasta 1.3.1 build 200401, dispositivos NC250 versiones hasta 1.3.1 build 200401, dispositivos NC260 versiones hasta 1.5.3 build_200401, y los dispositivos NC450 versiones hasta 1.5.4 build 200401, presentan un desbordamiento de b\u00fafer"
}
],
"id": "CVE-2020-13224",
"lastModified": "2024-11-21T05:00:50.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-17T13:15:11.210",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-12109
Vulnerability from fkie_nvd - Published: 2020-05-04 16:15 - Updated: 2024-11-21 04:59
Severity ?
Summary
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.9 | |
| tp-link | nc200 | - | |
| tp-link | nc210_firmware | 1.0.3 | |
| tp-link | nc210_firmware | 1.0.4 | |
| tp-link | nc210_firmware | 1.0.9 | |
| tp-link | nc210 | - | |
| tp-link | nc220_firmware | 1.2.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220 | - | |
| tp-link | nc230_firmware | 1.0.3 | |
| tp-link | nc230_firmware | 1.2.1 | |
| tp-link | nc230_firmware | 1.3.0 | |
| tp-link | nc230 | - | |
| tp-link | nc250_firmware | 1.0.8 | |
| tp-link | nc250_firmware | 1.0.10 | |
| tp-link | nc250_firmware | 1.2.1 | |
| tp-link | nc250_firmware | 1.3.0 | |
| tp-link | nc250 | - | |
| tp-link | nc260_firmware | 1.0.5 | |
| tp-link | nc260_firmware | 1.0.6 | |
| tp-link | nc260_firmware | 1.4.1 | |
| tp-link | nc260_firmware | 1.5.0 | |
| tp-link | nc260_firmware | 1.5.2 | |
| tp-link | nc260 | - | |
| tp-link | nc450_firmware | 1.0.15 | |
| tp-link | nc450_firmware | 1.1.2 | |
| tp-link | nc450_firmware | 1.3.4 | |
| tp-link | nc450_firmware | 1.5.3 | |
| tp-link | nc450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*",
"matchCriteriaId": "C49E1583-39DF-4BFB-BB80-F9F2118DECB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.9:200225:*:*:*:*:*:*",
"matchCriteriaId": "91F2DC6B-5C4F-49DE-8464-78F750A09135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.3:160229:*:*:*:*:*:*",
"matchCriteriaId": "ACC9C2F6-C933-4EAC-AF64-743063F6CF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.4:160412:*:*:*:*:*:*",
"matchCriteriaId": "D2CA6ACA-92A7-4F9C-9897-8841FE8514E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.9:200304:*:*:*:*:*:*",
"matchCriteriaId": "12008577-3A10-4C23-A237-AC628D10D8E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*",
"matchCriteriaId": "456A7C77-6DDF-40E0-A972-669EDFB5D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*",
"matchCriteriaId": "5C11C3AF-540C-4DAF-BF69-96C394D4B43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "A47A572A-5DE5-46B2-A942-698286872029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.0.3:160108:*:*:*:*:*:*",
"matchCriteriaId": "AC051CDE-5054-4925-8D14-B286D01E46B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "CA09DB0A-47A0-44D9-AABD-2C335B502B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "BC2CCFDD-290A-46FA-9DC2-8CBAE96258DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.8:160108:*:*:*:*:*:*",
"matchCriteriaId": "488217FC-C02C-4AA3-AD0E-26679E5912FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.10:160321:*:*:*:*:*:*",
"matchCriteriaId": "D2E08C60-2422-4135-B02F-B605386DC314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "6EB1C532-D019-4EB8-93A0-15FE8DFC07B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "4BC014D7-461C-4B63-B79F-B41C55508027",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*",
"matchCriteriaId": "B4227D23-DF7F-484C-8508-341ED2744B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*",
"matchCriteriaId": "2E7D5E76-892D-46B1-BD46-BD34E0CDFC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.4.1:180720:*:*:*:*:*:*",
"matchCriteriaId": "C23AB02F-00DA-4844-96EE-6E3976BB5065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.0:181123:*:*:*:*:*:*",
"matchCriteriaId": "3F23255A-C021-4B25-86A8-029007EF4D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.2:200304:*:*:*:*:*:*",
"matchCriteriaId": "54C3D856-5E56-4539-8437-495DCA5CB59E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.0.15:160920:*:*:*:*:*:*",
"matchCriteriaId": "B98EA7FE-B277-44F1-99CD-393FB13D4CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*",
"matchCriteriaId": "72C02D43-51C5-480B-8957-99C9202E87DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.3.4:171130:*:*:*:*:*:*",
"matchCriteriaId": "B1755D43-FD92-4DAE-B438-711A665C5790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.5.3:200304:*:*:*:*:*:*",
"matchCriteriaId": "59F5150F-6D80-4B94-9EA6-A20EF1AC7060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
},
{
"lang": "es",
"value": "Ciertos dispositivos TP-Link permiten una inyecci\u00f3n de comandos. Esto afecta a NC200 versi\u00f3n 2.1.9 build 200225, NC210 versi\u00f3n 1.0.9 build 200304, NC220 versi\u00f3n 1.3.0 build 200304, NC230 versi\u00f3n 1.3.0 build 200304, NC250 versi\u00f3n 1.3.0 build 200304, NC260 versi\u00f3n 1.5.2 build 200304, y NC450 versi\u00f3n 1.5.3 build 200304."
}
],
"id": "CVE-2020-12109",
"lastModified": "2024-11-21T04:59:15.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-04T16:15:12.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tp-link.com/us/security"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-12110
Vulnerability from fkie_nvd - Published: 2020-05-04 14:15 - Updated: 2024-11-21 04:59
Severity ?
Summary
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://seclists.org/fulldisclosure/2020/May/3 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/fulldisclosure/2020/May/3 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.9 | |
| tp-link | nc200 | - | |
| tp-link | nc210_firmware | 1.0.3 | |
| tp-link | nc210_firmware | 1.0.4 | |
| tp-link | nc210_firmware | 1.0.9 | |
| tp-link | nc210 | - | |
| tp-link | nc220_firmware | 1.2.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220 | - | |
| tp-link | nc230_firmware | 1.0.3 | |
| tp-link | nc230_firmware | 1.2.1 | |
| tp-link | nc230_firmware | 1.3.0 | |
| tp-link | nc230 | - | |
| tp-link | nc250_firmware | 1.0.8 | |
| tp-link | nc250_firmware | 1.0.10 | |
| tp-link | nc250_firmware | 1.2.1 | |
| tp-link | nc250_firmware | 1.3.0 | |
| tp-link | nc250 | - | |
| tp-link | nc260_firmware | 1.0.5 | |
| tp-link | nc260_firmware | 1.0.6 | |
| tp-link | nc260_firmware | 1.4.1 | |
| tp-link | nc260_firmware | 1.5.0 | |
| tp-link | nc260_firmware | 1.5.2 | |
| tp-link | nc260 | - | |
| tp-link | nc450_firmware | 1.0.15 | |
| tp-link | nc450_firmware | 1.1.2 | |
| tp-link | nc450_firmware | 1.3.4 | |
| tp-link | nc450_firmware | 1.5.3 | |
| tp-link | nc450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*",
"matchCriteriaId": "C49E1583-39DF-4BFB-BB80-F9F2118DECB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.9:200225:*:*:*:*:*:*",
"matchCriteriaId": "91F2DC6B-5C4F-49DE-8464-78F750A09135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.3:160229:*:*:*:*:*:*",
"matchCriteriaId": "ACC9C2F6-C933-4EAC-AF64-743063F6CF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.4:160412:*:*:*:*:*:*",
"matchCriteriaId": "D2CA6ACA-92A7-4F9C-9897-8841FE8514E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.9:200304:*:*:*:*:*:*",
"matchCriteriaId": "12008577-3A10-4C23-A237-AC628D10D8E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*",
"matchCriteriaId": "456A7C77-6DDF-40E0-A972-669EDFB5D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*",
"matchCriteriaId": "5C11C3AF-540C-4DAF-BF69-96C394D4B43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "A47A572A-5DE5-46B2-A942-698286872029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.0.3:160108:*:*:*:*:*:*",
"matchCriteriaId": "AC051CDE-5054-4925-8D14-B286D01E46B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "CA09DB0A-47A0-44D9-AABD-2C335B502B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "BC2CCFDD-290A-46FA-9DC2-8CBAE96258DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.8:160108:*:*:*:*:*:*",
"matchCriteriaId": "488217FC-C02C-4AA3-AD0E-26679E5912FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.0.10:160321:*:*:*:*:*:*",
"matchCriteriaId": "D2E08C60-2422-4135-B02F-B605386DC314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.2.1:170515:*:*:*:*:*:*",
"matchCriteriaId": "6EB1C532-D019-4EB8-93A0-15FE8DFC07B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.3.0:200304:*:*:*:*:*:*",
"matchCriteriaId": "4BC014D7-461C-4B63-B79F-B41C55508027",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*",
"matchCriteriaId": "B4227D23-DF7F-484C-8508-341ED2744B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*",
"matchCriteriaId": "2E7D5E76-892D-46B1-BD46-BD34E0CDFC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.4.1:180720:*:*:*:*:*:*",
"matchCriteriaId": "C23AB02F-00DA-4844-96EE-6E3976BB5065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.0:181123:*:*:*:*:*:*",
"matchCriteriaId": "3F23255A-C021-4B25-86A8-029007EF4D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.2:200304:*:*:*:*:*:*",
"matchCriteriaId": "54C3D856-5E56-4539-8437-495DCA5CB59E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.0.15:160920:*:*:*:*:*:*",
"matchCriteriaId": "B98EA7FE-B277-44F1-99CD-393FB13D4CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*",
"matchCriteriaId": "72C02D43-51C5-480B-8957-99C9202E87DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.3.4:171130:*:*:*:*:*:*",
"matchCriteriaId": "B1755D43-FD92-4DAE-B438-711A665C5790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.5.3:200304:*:*:*:*:*:*",
"matchCriteriaId": "59F5150F-6D80-4B94-9EA6-A20EF1AC7060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
},
{
"lang": "es",
"value": "Determinados dispositivos TP-Link tienen una Clave de Cifrado Embebida. Esto afecta a NC200 versi\u00f3n 2.1.9 build 200225, N210 versi\u00f3n 1.0.9 build 200304, NC220 versi\u00f3n 1.3.0 build 200304, NC230 versi\u00f3n 1.3.0 build 200304, NC250 versi\u00f3n 1.3.0 build 200304, NC260 versi\u00f3n 1.5.2 build 200304, y NC450 versi\u00f3n 1.5.3 build 200304."
}
],
"id": "CVE-2020-12110",
"lastModified": "2024-11-21T04:59:16.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-04T14:15:13.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-10231
Vulnerability from fkie_nvd - Published: 2020-04-01 14:15 - Updated: 2024-11-21 04:55
Severity ?
Summary
TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2020/Apr/5 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2020/Mar/54 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Apr/5 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Mar/54 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc450_firmware | 1.1.1 | |
| tp-link | nc450_firmware | 1.1.2 | |
| tp-link | nc450_firmware | 1.1.6 | |
| tp-link | nc450_firmware | 1.5.0 | |
| tp-link | nc450 | - | |
| tp-link | nc260_firmware | 1.0.5 | |
| tp-link | nc260_firmware | 1.0.6 | |
| tp-link | nc260_firmware | 1.5.1 | |
| tp-link | nc260 | - | |
| tp-link | nc250_firmware | 1.3.0 | |
| tp-link | nc250 | - | |
| tp-link | nc230_firmware | 1.3.0 | |
| tp-link | nc230 | - | |
| tp-link | nc220_firmware | 1.1.12 | |
| tp-link | nc220_firmware | 1.1.12 | |
| tp-link | nc220_firmware | 1.1.14 | |
| tp-link | nc220_firmware | 1.2.0 | |
| tp-link | nc220_firmware | 1.3.0 | |
| tp-link | nc220 | - | |
| tp-link | nc210_firmware | 1.0.9 | |
| tp-link | nc210 | - | |
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.6 | |
| tp-link | nc200_firmware | 2.1.7 | |
| tp-link | nc200_firmware | 2.1.7 | |
| tp-link | nc200_firmware | 2.1.8 | |
| tp-link | nc200 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.1:160928:*:*:*:*:*:*",
"matchCriteriaId": "B5B6BC22-788F-42F1-A8D9-35CC1785F404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*",
"matchCriteriaId": "72C02D43-51C5-480B-8957-99C9202E87DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.1.6:161124:*:*:*:*:*:*",
"matchCriteriaId": "10DFDA3B-3612-4BF4-B4B7-855FC19C84FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:1.5.0:181022:*:*:*:*:*:*",
"matchCriteriaId": "C64558B8-45D8-4FC2-8B91-1ED8CBB2A7EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*",
"matchCriteriaId": "B4227D23-DF7F-484C-8508-341ED2744B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*",
"matchCriteriaId": "2E7D5E76-892D-46B1-BD46-BD34E0CDFC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:1.5.1:190805:*:*:*:*:*:*",
"matchCriteriaId": "F2429A7C-6BD0-4A7A-9A65-B21073E0DAF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:1.3.0:171205:*:*:*:*:*:*",
"matchCriteriaId": "36FBEC70-97B8-4475-A490-42D22F282E28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:1.3.0:171205:*:*:*:*:*:*",
"matchCriteriaId": "AACC8ACA-F69A-4C45-AD18-693C29365050",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.1.12:160321_a:*:*:*:*:*:*",
"matchCriteriaId": "F6D9115C-95B5-4C2A-B0DB-088FA17E065D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.1.12:160321_b:*:*:*:*:*:*",
"matchCriteriaId": "15F11009-27B3-489D-B967-1EDE839371CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.1.14:161219:*:*:*:*:*:*",
"matchCriteriaId": "A30AB76B-F4C0-4D38-A8B4-BBE38A86B8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*",
"matchCriteriaId": "456A7C77-6DDF-40E0-A972-669EDFB5D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*",
"matchCriteriaId": "5C11C3AF-540C-4DAF-BF69-96C394D4B43F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:1.0.9:171214:*:*:*:*:*:*",
"matchCriteriaId": "FB0CCCA4-9023-48FA-B8E7-178DDE664D5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_a:*:*:*:*:*:*",
"matchCriteriaId": "7AB44906-3ED9-40E3-BD20-7749CE33B8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*",
"matchCriteriaId": "C49E1583-39DF-4BFB-BB80-F9F2118DECB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.7:160315_a:*:*:*:*:*:*",
"matchCriteriaId": "5DDAB527-222A-4742-A630-414AA03FACFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.7:160315_b:*:*:*:*:*:*",
"matchCriteriaId": "22397902-2208-4208-89ED-E97B762E3344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:2.1.8:171109:*:*:*:*:*:*",
"matchCriteriaId": "CE2A26F6-53AA-4F2B-80D5-94EA9156C9B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link NC200 versiones hasta 2.1.8_Build_171109, NC210 versiones hasta 1.0.9_Build_171214, NC220 versiones hasta 1.3.0_Build_180105, NC230 versiones hasta 1.3.0_Build_171205, NC250 versiones hasta 1.3.0_Build_171205, NC260 versiones hasta 1.5.1_Build_190805, y NC450 versiones hasta 1.5.0_Build_181022, permiten una Desreferencia del Puntero NULL remota."
}
],
"id": "CVE-2020-10231",
"lastModified": "2024-11-21T04:55:00.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T14:15:14.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11445
Vulnerability from fkie_nvd - Published: 2020-04-01 04:15 - Updated: 2024-11-21 04:57
Severity ?
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.cnvd.org.cn/flaw/show/1916613 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cnvd.org.cn/flaw/show/1916613 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | nc450_firmware | * | |
| tp-link | nc450 | - | |
| tp-link | nc260_firmware | * | |
| tp-link | nc260 | - | |
| tp-link | nc250_firmware | * | |
| tp-link | nc250 | - | |
| tp-link | nc230_firmware | * | |
| tp-link | nc230 | - | |
| tp-link | nc220_firmware | * | |
| tp-link | nc220 | - | |
| tp-link | nc210_firmware | * | |
| tp-link | nc210 | - | |
| tp-link | nc200_firmware | * | |
| tp-link | nc200 | - | |
| tp-link | kc300s2_firmware | * | |
| tp-link | kc300s2 | - | |
| tp-link | kc310s2_firmware | * | |
| tp-link | kc310s2 | - | |
| tp-link | kc200_firmware | * | |
| tp-link | kc200 | - | |
| tp-link | tapo_c200_firmware | * | |
| tp-link | tapo_c200 | - | |
| tp-link | tapo_c100_firmware | * | |
| tp-link | tapo_c100 | - | |
| tp-link | tl-sc3430_firmware | * | |
| tp-link | tl-sc3430 | - | |
| tp-link | tl-sc3430n_firmware | * | |
| tp-link | tl-sc3430n | - | |
| tp-link | tl-sc4171g_firmware | * | |
| tp-link | tl-sc4171g | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "771BEC34-1944-43ED-B2FC-F5B03A1C68DA",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82A81BB5-61AF-4E19-AC96-5EE29DA03D59",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E74A2AC9-9873-4744-8A15-0771FD231FD7",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97853CD1-D3A6-4713-88CA-F679614AE8E6",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E12F8B78-776B-4DC7-84A7-CABC37028583",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F109E65-853A-4A56-A6B0-A40150805619",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EECCC-1943-4C3C-BC2E-9E82EC79A94D",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:kc300s2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47903BA2-E056-4320-A2D2-7BE2FB99B2C6",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:kc300s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBCD870-BF04-4204-BE97-75C306732705",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:kc310s2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B321EA4-D48D-4579-8E5C-9A17BD18B9E0",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:kc310s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F863D0B1-79D5-479C-92D0-F8D691E5E915",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:kc200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF85561-2455-4488-B8CA-D2355C91CBD0",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:kc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3476F580-EC2B-40A3-AF3B-819708FDFA3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tapo_c200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E99E304-A052-416A-BE1E-3A97198BE328",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B3D3B3-6E31-4F14-8DF5-0E3519C29DFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tapo_c100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A99C05D-55E4-4A7D-BE2E-CEDA67B4CB95",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tapo_c100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2654082E-60FA-48F9-B69C-0D334C91EA53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-sc3430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00217A8B-AD8C-4D50-8785-98473BEAE2D6",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-sc3430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29E212C7-26B4-4645-869F-F5A95EA53B64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-sc3430n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC76CA-8A7A-49F9-B403-8942CD573E1F",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-sc3430n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C27C3B-BE49-4202-A477-4AD69B4D7302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-sc4171g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F58A2506-C5BF-4BF2-9A92-25BB5EADC281",
"versionEndIncluding": "2020-02-09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-sc4171g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "974F5AB4-9A68-4941-8E80-D18F36F167A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
},
{
"lang": "es",
"value": "Las c\u00e1maras cloud de TP-Link hasta el 09-02-2020, permiten a atacantes remotos omitir la autenticaci\u00f3n y conseguir informaci\u00f3n confidencial por medio de vectores que involucran una sesi\u00f3n Wi-Fi con GPS habilitado, tambi\u00e9n se conoce como CNVD-2020-04855."
}
],
"id": "CVE-2020-11445",
"lastModified": "2024-11-21T04:57:55.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T04:15:13.630",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-13224 (GCVE-0-2020-13224)
Vulnerability from cvelistv5 – Published: 2020-06-17 12:13 – Updated: 2024-08-04 12:11
VLAI?
Summary
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-17T12:13:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"url": "https://www.tp-link.com/us/security"
},
{
"name": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13224",
"datePublished": "2020-06-17T12:13:36",
"dateReserved": "2020-05-20T00:00:00",
"dateUpdated": "2024-08-04T12:11:19.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12109 (GCVE-0-2020-12109)
Vulnerability from cvelistv5 – Published: 2020-05-04 15:06 – Updated: 2024-08-04 11:48
VLAI?
Summary
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T18:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"url": "https://www.tp-link.com/us/security"
},
{
"name": "https://seclists.org/fulldisclosure/2020/May/2",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"name": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"name": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12109",
"datePublished": "2020-05-04T15:06:51",
"dateReserved": "2020-04-23T00:00:00",
"dateUpdated": "2024-08-04T11:48:58.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12110 (GCVE-0-2020-12110)
Vulnerability from cvelistv5 – Published: 2020-05-04 13:49 – Updated: 2024-08-04 11:48
VLAI?
Summary
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-04T18:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://seclists.org/fulldisclosure/2020/May/3",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"name": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12110",
"datePublished": "2020-05-04T13:49:45",
"dateReserved": "2020-04-23T00:00:00",
"dateUpdated": "2024-08-04T11:48:58.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10231 (GCVE-0-2020-10231)
Vulnerability from cvelistv5 – Published: 2020-04-01 13:57 – Updated: 2024-08-04 10:58
VLAI?
Summary
TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:39.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-10T19:06:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2020/Mar/54",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"name": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10231",
"datePublished": "2020-04-01T13:57:21",
"dateReserved": "2020-03-08T00:00:00",
"dateUpdated": "2024-08-04T10:58:39.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11445 (GCVE-0-2020-11445)
Vulnerability from cvelistv5 – Published: 2020-04-01 03:57 – Updated: 2024-08-04 11:28
VLAI?
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-01T03:57:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cnvd.org.cn/flaw/show/1916613",
"refsource": "MISC",
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11445",
"datePublished": "2020-04-01T03:57:55",
"dateReserved": "2020-04-01T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13224 (GCVE-0-2020-13224)
Vulnerability from nvd – Published: 2020-06-17 12:13 – Updated: 2024-08-04 12:11
VLAI?
Summary
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-17T12:13:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"url": "https://www.tp-link.com/us/security"
},
{
"name": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13224",
"datePublished": "2020-06-17T12:13:36",
"dateReserved": "2020-05-20T00:00:00",
"dateUpdated": "2024-08-04T12:11:19.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12109 (GCVE-0-2020-12109)
Vulnerability from nvd – Published: 2020-05-04 15:06 – Updated: 2024-08-04 11:48
VLAI?
Summary
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-18T18:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tp-link.com/us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"url": "https://www.tp-link.com/us/security"
},
{
"name": "https://seclists.org/fulldisclosure/2020/May/2",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2020/May/2"
},
{
"name": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"name": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12109",
"datePublished": "2020-05-04T15:06:51",
"dateReserved": "2020-04-23T00:00:00",
"dateUpdated": "2024-08-04T11:48:58.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12110 (GCVE-0-2020-12110)
Vulnerability from nvd – Published: 2020-05-04 13:49 – Updated: 2024-08-04 11:48
VLAI?
Summary
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-04T18:06:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://seclists.org/fulldisclosure/2020/May/3",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2020/May/3"
},
{
"name": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12110",
"datePublished": "2020-05-04T13:49:45",
"dateReserved": "2020-04-23T00:00:00",
"dateUpdated": "2024-08-04T11:48:58.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10231 (GCVE-0-2020-10231)
Vulnerability from nvd – Published: 2020-04-01 13:57 – Updated: 2024-08-04 10:58
VLAI?
Summary
TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:39.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-10T19:06:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2020/Mar/54",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/54"
},
{
"name": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157048/TP-LINK-Cloud-Cameras-NCXXX-Remote-NULL-Pointer-Dereference.html"
},
{
"name": "20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Apr/5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10231",
"datePublished": "2020-04-01T13:57:21",
"dateReserved": "2020-03-08T00:00:00",
"dateUpdated": "2024-08-04T10:58:39.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11445 (GCVE-0-2020-11445)
Vulnerability from nvd – Published: 2020-04-01 03:57 – Updated: 2024-08-04 11:28
VLAI?
Summary
TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-01T03:57:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cnvd.org.cn/flaw/show/1916613",
"refsource": "MISC",
"url": "https://www.cnvd.org.cn/flaw/show/1916613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11445",
"datePublished": "2020-04-01T03:57:55",
"dateReserved": "2020-04-01T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}