// For flags

CVE-2017-8217

 

Severity Score

5.3
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface.

Los dispositivos TP-Link C2 y C20i a través del firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n tienen reglas iptables demasiado permisivas, por ejemplo, SNMP no está bloqueado en ninguna interfaz.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-04-25 CVE Reserved
  • 2017-04-25 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-17 EPSS Updated
  • 2024-09-17 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-862: Missing Authorization
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tp-link
Search vendor "Tp-link"
C2 Firmware
Search vendor "Tp-link" for product "C2 Firmware"
<= 0.9.1_4.2_v0032.0_build_160706
Search vendor "Tp-link" for product "C2 Firmware" and version " <= 0.9.1_4.2_v0032.0_build_160706"
rel.37961n
Affected
in Tp-link
Search vendor "Tp-link"
C2
Search vendor "Tp-link" for product "C2"
--
Safe
Tp-link
Search vendor "Tp-link"
C20i Firmware
Search vendor "Tp-link" for product "C20i Firmware"
<= 0.9.1_4.2_v0032.0_build_160706
Search vendor "Tp-link" for product "C20i Firmware" and version " <= 0.9.1_4.2_v0032.0_build_160706"
rel.37961n
Affected
in Tp-link
Search vendor "Tp-link"
C20i
Search vendor "Tp-link" for product "C20i"
--
Safe