Cross-Site Scripting Vulnerability in TP-Link Archer C1200 Firmware
CVE-2020-17891

6.1MEDIUM

Key Information:

Vendor: Tp-link
Status: Archer C1200 Firmware
Vendor: CVE Published:; 14 May 2021

What is CVE-2020-17891?

The TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU contains a Cross-Site Scripting vulnerability. This security flaw allows an attacker to exploit the device remotely, enabling them to execute arbitrary code. Improper input validation may lead to unauthorized actions within the web interface of the router, potentially compromising user data and network integrity.

References

https://github.com/sandboxescape/TP-Link-wireless-router-...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2021
Vulnerability Reserved
Aug 13, 2020

Tp-link

What is CVE-2020-17891?

References

CVSS V3.1

Timeline