CVE-2020-10231

7.5HIGH

Key Information:

Vendor
Tp-link
Status
Nc450 Firmware
Vendor
CVE Published:
1 April 2020

Summary

TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.

References

http://seclists.org/fulldisclosure/2020/Mar/54
x_refsource_MISC
http://packetstormsecurity.com/files/157048/TP-LINK-Cloud...
x_refsource_MISC
http://seclists.org/fulldisclosure/2020/Apr/5
mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.