Cross-Site Scripting Vulnerability in TP-Link Archer C1200 Firmware
CVE-2020-17891

6.1MEDIUM

Key Information:

Vendor: Tp-link
Status: Archer C1200 Firmware
Vendor: CVE Published:; 14 May 2021

Summary

The TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU contains a Cross-Site Scripting vulnerability. This security flaw allows an attacker to exploit the device remotely, enabling them to execute arbitrary code. Improper input validation may lead to unauthorized actions within the web interface of the router, potentially compromising user data and network integrity.

References

https://github.com/sandboxescape/TP-Link-wireless-router-...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 14, 2021
Vulnerability Reserved
Aug 13, 2020