CVE-2020-13224
Last modified
CVE-2020-13224 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow. EPSS estimates a 2.18% chance of exploitation in the next 30 days.
Description
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Tp-Link | Nc200 Firmware | <= 2.1.10 |
| Tp-Link | Nc210 Firmware | <= 1.0.10 |
| Tp-Link | Nc220 Firmware | <= 1.3.1 |
| Tp-Link | Nc230 Firmware | <= 1.3.1 |
| Tp-Link | Nc250 Firmware | <= 1.3.1 |
| Tp-Link | Nc260 Firmware | <= 1.5.3 |
| Tp-Link | Nc450 Firmware | <= 1.5.4 |
References
- http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.htmlExploit, Third Party Advisory, VDB Entry
- https://www.tp-link.com/us/securityVendor Advisory
- http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.htmlExploit, Third Party Advisory, VDB Entry
- https://www.tp-link.com/us/securityVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-13224?
How severe is CVE-2020-13224?
How do I fix CVE-2020-13224?
Are you affected by CVE-2020-13224?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST