Privilege Escalation Vulnerability in TP-Link USB Network Server
CVE-2020-15054

8.8HIGH

Key Information:

Vendor: Tp-link
Status: Tl-ps310u Firmware
Vendor: CVE Published:; 7 August 2020

What is CVE-2020-15054?

The TP-Link USB Network Server TL-PS310U devices prior to version 2.079.000.t0210 are susceptible to a privilege escalation vulnerability. An attacker on the same network can exploit this weakness by intercepting unencrypted UDP traffic, which allows them to uncover the administrative password. This flaw underscores the importance of secure communication protocols to protect sensitive authentication information.

References

https://research.hisolutions.com/2020/05/critical-vulnera...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 7, 2020
Vulnerability Reserved
Jun 25, 2020

Tp-link

What is CVE-2020-15054?

References

CVSS V3.1

Timeline