CVE-2020-12109

critical-risk
Published 2020-05-04

Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.

Do I need to act?

!
81.6% chance of exploitation in next 30 days
EPSS score — higher than 18% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (20)

Nc200 Firmware
Nc200 Firmware
Nc210 Firmware
Nc210 Firmware
Nc210 Firmware
Nc220 Firmware
Nc220 Firmware
Nc220 Firmware
Nc230 Firmware
Nc230 Firmware
Nc230 Firmware
Nc250 Firmware
Nc250 Firmware
Nc250 Firmware
Nc250 Firmware
Nc260 Firmware
Nc260 Firmware
Nc260 Firmware
Nc260 Firmware
Nc260 Firmware

Affected Vendors

Tp-Link

References (8)

Exploit http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-...
Exploit http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-...
Exploit https://seclists.org/fulldisclosure/2020/May/2
Vendor Advisory https://www.tp-link.com/us/security
Exploit http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-...
Exploit http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-...
Exploit https://seclists.org/fulldisclosure/2020/May/2
Vendor Advisory https://www.tp-link.com/us/security
71
/ 100
critical-risk
Severity 30/34 · Critical
Exploitability 20/34 · Moderate
Exposure 21/34 · High