Описание
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Ссылки
- ExploitPatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_3130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_3130:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_3130g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_3130g:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_3171g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_3171g:-:*:*:*:*:*:*:*
Конфигурация 4Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_4171g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_4171g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.49292
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-798
Связанные уязвимости
github
почти 4 года назад
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
EPSS
Процентиль: 98%
0.49292
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-798