TP-LINK NC200/NC210/NC220/NC230/NC250/NC260/NC450 hard-coded credentials

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in TP-LINK NC200, NC210, NC220, NC230, NC250, NC260 and NC450. It has been rated as critical. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field05/05/2020 09:12 AM05/05/2020 09:17 AM
vendorTP-LINKTP-LINK
nameNC200/NC210/NC220/NC230/NC250/NC260/NC450NC200/NC210/NC220/NC230/NC250/NC260/NC450
risk22
cvss2_vuldb_basescore7.57.5
cvss2_vuldb_tempscore7.57.5
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss3_meta_basescore8.58.5
cvss3_meta_tempscore8.58.5
cvss3_vuldb_basescore7.37.3
cvss3_vuldb_tempscore7.37.3
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
date1588550400 (05/04/2020)1588550400 (05/04/2020)
price_0day$0-$5k$0-$5k
cveCVE-2020-12110CVE-2020-12110
seealso154717154717
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_nvd_basescore9.89.8
cwe0798 (weak authentication)
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiN
cvss2_nvd_aiN
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cve_assigned1587600000
cve_nvd_summaryCertain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.

Do you need the next level of professionalism?

Upgrade your account now!