medium
5.3
Advisory Published
Updated

CVE-2020-11445

First published: Wed Apr 01 2020(Updated: )

TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Tp-link Nc450 Firmware<=2020-02-09
Tp-link Nc450 Firmware
Tp-link Nc260 Firmware<=2020-02-09
Tp-link Nc260 Firmware
TP-Link NC250 Firmware<=2020-02-09
TP-Link NC250 Firmware
TP-Link NC230<=2020-02-09
TP-Link NC230
TP-Link NC220<=2020-02-09
TP-Link NC220 Firmware
TP-Link NC210<=2020-02-09
TP-Link NC210 Firmware
TP-Link NC200 Firmware<=2020-02-09
TP-LINK NC200
TP-Link KC300S2<=2020-02-09
TP-Link KC300S2 Firmware
TP-Link KC310S2<=2020-02-09
Tp-link Kc310s2 Firmware
TP-Link KC200<=2020-02-09
TP-Link KC200 Firmware
TP-Link Tapo C200<=2020-02-09
TP-Link Tapo C200 Firmware
TP-Link Tapo C100 Firmware<=2020-02-09
TP-Link Tapo C100 Firmware
TP-Link TL-SC3430 Firmware<=2020-02-09
TP-Link TL-SC3430N
Tp-link Tl-sc3430n Firmware<=2020-02-09
TP-Link TL-SC3430N
TP-Link TL-SC 4171G Firmware<=2020-02-09
TP-Link TL-SC4171G Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2020-11445?

    CVE-2020-11445 is a vulnerability that allows remote attackers to bypass authentication and obtain sensitive information on TP-Link cloud cameras through 2020-02-09 via vectors involving a Wi-Fi session with GPS enabled.

  • How can remote attackers exploit CVE-2020-11445?

    Remote attackers can exploit CVE-2020-11445 by bypassing authentication and obtaining sensitive information on TP-Link cloud cameras.

  • What is the severity of CVE-2020-11445?

    CVE-2020-11445 has a severity rating of 5.3 (medium).

  • Which TP-Link cloud cameras are affected by CVE-2020-11445?

    TP-Link cloud cameras including NC450, NC260, NC250, NC230, NC220, NC210, NC200, KC300s2, KC310s2, KC200, Tapo C200, Tapo C100, TL-SC3430, TL-SC3430n, TL-SC4171g are affected by CVE-2020-11445.

  • Are TP-Link cloud cameras vulnerable to CVE-2020-11445 if they have the following models: NC450, NC260, NC250, NC230, NC220, NC210, NC200, KC300s2, KC310s2, KC200, Tapo C200, Tapo C100, TL-SC3430, TL-SC3430n, TL-SC4171g?

    Yes, TP-Link cloud cameras with the models NC450, NC260, NC250, NC230, NC220, NC210, NC200, KC300s2, KC310s2, KC200, Tapo C200, Tapo C100, TL-SC3430, TL-SC3430n, TL-SC4171g are vulnerable to CVE-2020-11445.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203