Backdoor Vulnerability in TP-Link C2 and C20i Devices via vsftpd
CVE-2017-8218
9.8CRITICAL
What is CVE-2017-8218?
The vsftpd software on TP-Link C2 and C20i devices is compromised by a backdoor that allows unauthorized access through several hardcoded accounts. These accounts include an administrator account with a weak password '1234', a guest account with the password 'guest', and a test account with the password 'test'. This vulnerability exposes the devices to potential exploitation, granting attackers unauthorized control and the ability to manipulate the device settings.