Advisory Published
Updated

CVE-2020-11445

First published: Wed Apr 01 2020(Updated: )

TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Tp-link Nc450 Firmware<=2020-02-09
Tp-link Nc450
Tp-link Nc260 Firmware<=2020-02-09
Tp-link Nc260
Tp-link Nc250 Firmware<=2020-02-09
TP-Link NC250
Tp-link Nc230 Firmware<=2020-02-09
Tp-link Nc230
Tp-link Nc220 Firmware<=2020-02-09
Tp-link Nc220
Tp-link Nc210 Firmware<=2020-02-09
Tp-link Nc210
Tp-link Nc200 Firmware<=2020-02-09
TP-LINK NC200
Tp-link Kc300s2 Firmware<=2020-02-09
Tp-link Kc300s2
Tp-link Kc310s2 Firmware<=2020-02-09
Tp-link Kc310s2
Tp-link Kc200 Firmware<=2020-02-09
Tp-link Kc200
Tp-link Tapo C200 Firmware<=2020-02-09
TP-Link Tapo C200
Tp-link Tapo C100 Firmware<=2020-02-09
TP-Link Tapo C100
Tp-link Tl-sc3430 Firmware<=2020-02-09
Tp-link Tl-sc3430
Tp-link Tl-sc3430n Firmware<=2020-02-09
Tp-link Tl-sc3430n
Tp-link Tl-sc4171g Firmware<=2020-02-09
Tp-link Tl-sc4171g

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2020-11445?

    CVE-2020-11445 is a vulnerability that allows remote attackers to bypass authentication and obtain sensitive information on TP-Link cloud cameras through 2020-02-09 via vectors involving a Wi-Fi session with GPS enabled.

  • How can remote attackers exploit CVE-2020-11445?

    Remote attackers can exploit CVE-2020-11445 by bypassing authentication and obtaining sensitive information on TP-Link cloud cameras.

  • What is the severity of CVE-2020-11445?

    CVE-2020-11445 has a severity rating of 5.3 (medium).

  • Which TP-Link cloud cameras are affected by CVE-2020-11445?

    TP-Link cloud cameras including NC450, NC260, NC250, NC230, NC220, NC210, NC200, KC300s2, KC310s2, KC200, Tapo C200, Tapo C100, TL-SC3430, TL-SC3430n, TL-SC4171g are affected by CVE-2020-11445.

  • Are TP-Link cloud cameras vulnerable to CVE-2020-11445 if they have the following models: NC450, NC260, NC250, NC230, NC220, NC210, NC200, KC300s2, KC310s2, KC200, Tapo C200, Tapo C100, TL-SC3430, TL-SC3430n, TL-SC4171g?

    Yes, TP-Link cloud cameras with the models NC450, NC260, NC250, NC230, NC220, NC210, NC200, KC300s2, KC310s2, KC200, Tapo C200, Tapo C100, TL-SC3430, TL-SC3430n, TL-SC4171g are vulnerable to CVE-2020-11445.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203