CVSS: 9.0EPSS: 8%CPEs: 11EXPL: 2CVE-2020-12111 – TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection
https://notcve.org/view.php?id=CVE-2020-12111
Certain TP-Link devices allow Command Injection. This affects NC260 1.5.2 build 200304 and NC450 1.5.3 build 200304. Determinados dispositivos TP-Link permiten una inyección de comandos. Esto afecta a NC260 versión 1.5.2 build 200304 y NC450 versión 1.5.3 build 200304. TP-LINK Cloud Cameras including products NC260 and NC450 suffer from a command injection vulnerability. • http://packetstormsecurity.com/files/157533/TP-LINK-Cloud-Cameras-NCXXX-SetEncryptKey-Command-Injection.html https://seclists.org/fulldisclosure/2020/May/4 https://www.tp-link.com/us/security • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 2CVE-2020-12110 – TP-LINK Cloud Cameras NCXXX Hardcoded Encryption Key
https://notcve.org/view.php?id=CVE-2020-12110
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. Determinados dispositivos TP-Link tienen una Clave de Cifrado Embebida. Esto afecta a NC200 versión 2.1.9 build 200225, N210 versión 1.0.9 build 200304, NC220 versión 1.3.0 build 200304, NC230 versión 1.3.0 build 200304, NC250 versión 1.3.0 build 200304, NC260 versión 1.5.2 build 200304, y NC450 versión 1.5.3 build 200304. TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from having a hardcoded encryption key. • http://packetstormsecurity.com/files/157532/TP-LINK-Cloud-Cameras-NCXXX-Hardcoded-Encryption-Key.html https://seclists.org/fulldisclosure/2020/May/3 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 97%CPEs: 31EXPL: 3CVE-2020-12109 – TP-Link Cloud Cameras NCXXX Bonjour Command Injection
https://notcve.org/view.php?id=CVE-2020-12109
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. Ciertos dispositivos TP-Link permiten una inyección de comandos. Esto afecta a NC200 versión 2.1.9 build 200225, NC210 versión 1.0.9 build 200304, NC220 versión 1.3.0 build 200304, NC230 versión 1.3.0 build 200304, NC250 versión 1.3.0 build 200304, NC260 versión 1.5.2 build 200304, y NC450 versión 1.5.3 build 200304. TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from a command injection vulnerability. • http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html https://seclists.org/fulldisclosure/2020/May/2 https://www.tp-link.com/us/security • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2020-10916 – TP-Link TL-WA855RE login.json Improper Authentication Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-10916
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the first-time setup process. The issue results from the lack of proper validation on first-time setup requests. An attacker can leverage this vulnerability to reset the password for the Admin account and execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-20-553 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 2CVE-2020-8423
https://notcve.org/view.php?id=CVE-2020-8423
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. Un desbordamiento del búfer en el demonio httpd en los dispositivos TP-Link TL-WR841N versión V10 (versión de firmware 3.16.9), permite a un atacante remoto autenticado ejecutar código arbitrario por medio de una petición GET en la página para la configuración de la red Wi-Fi. • https://github.com/lnversed/CVE-2020-8423 https://ktln2.org/2020/03/29/exploiting-mips-router https://www.tp-link.com/us/security • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •