CVE-2021-28858

5.5MEDIUM

Key Information:

Vendor: Tp-link
Status: Tl-WPa4220 Firmware
Vendor: CVE Published:; 15 June 2021

Summary

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

References

https://yunus-shn.medium.com/tp-links-tl-wpa4220-v4-0-cle...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2021
Vulnerability Reserved
Mar 19, 2021