CVE-2020-15056

4.3MEDIUM

Key Information:

Vendor: Tp-link
Status: Tl-ps310u Firmware
Vendor: CVE Published:; 7 August 2020

Summary

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

References

https://research.hisolutions.com/2020/05/critical-vulnera...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Aug 7, 2020
Vulnerability Reserved
Jun 25, 2020