Details of VAR-202005-0328

ID

VAR-202005-0328

CVE

CVE-2020-12109

TITLE

plural TP-Link On the device OS Command injection vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-005124

DESCRIPTION

Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. plural TP-Link On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. TP-LINK is a brand owned by Pulian Technology Co., Ltd., established in 1996, is specialized in network and communication terminal The industry's mainstream manufacturers of R&D, manufacturing and marketing of terminal equipment. The TP-LINK Cloud Cameras NCXXX series has an authorized RCE vulnerability. An attacker can use this vulnerability to use the default credentials admin:admin to execute arbitrary commands as root

Trust: 2.25

sources: NVD: CVE-2020-12109 // JVNDB: JVNDB-2020-005124 // CNVD: CNVD-2020-26465 // VULMON: CVE-2020-12109

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-26465

AFFECTED PRODUCTS

vendor:	tp link	model:	nc260	scope:	eq	version:	1.5.0	Trust: 1.0
vendor:	tp link	model:	nc210	scope:	eq	version:	1.0.4	Trust: 1.0
vendor:	tp link	model:	nc220	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	tp link	model:	nc230	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	tp link	model:	nc220	scope:	eq	version:	1.2.0	Trust: 1.0
vendor:	tp link	model:	nc260	scope:	eq	version:	1.0.5	Trust: 1.0
vendor:	tp link	model:	nc210	scope:	eq	version:	1.0.9	Trust: 1.0
vendor:	tp link	model:	nc210	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	tp link	model:	nc230	scope:	eq	version:	1.2.1	Trust: 1.0
vendor:	tp link	model:	nc250	scope:	eq	version:	1.0.10	Trust: 1.0
vendor:	tp link	model:	nc450	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	tp link	model:	nc260	scope:	eq	version:	1.5.2	Trust: 1.0
vendor:	tp link	model:	nc260	scope:	eq	version:	1.0.6	Trust: 1.0
vendor:	tp link	model:	nc260	scope:	eq	version:	1.4.1	Trust: 1.0
vendor:	tp link	model:	nc250	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	tp link	model:	nc450	scope:	eq	version:	1.3.4	Trust: 1.0
vendor:	tp link	model:	nc200	scope:	eq	version:	2.1.6	Trust: 1.0
vendor:	tp link	model:	nc450	scope:	eq	version:	1.5.3	Trust: 1.0
vendor:	tp link	model:	nc250	scope:	eq	version:	1.2.1	Trust: 1.0
vendor:	tp link	model:	nc250	scope:	eq	version:	1.0.8	Trust: 1.0
vendor:	tp link	model:	nc200	scope:	eq	version:	2.1.9	Trust: 1.0
vendor:	tp link	model:	nc450	scope:	eq	version:	1.0.15	Trust: 1.0
vendor:	tp link	model:	nc230	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	tp link	model:	nc200	scope:	eq	version:	2.1.9 build 200225	Trust: 0.8
vendor:	tp link	model:	nc210	scope:	eq	version:	1.0.9 build 200304	Trust: 0.8
vendor:	tp link	model:	nc220	scope:	eq	version:	1.3.0 build 200304	Trust: 0.8
vendor:	tp link	model:	nc230	scope:	eq	version:	1.3.0 build 200304	Trust: 0.8
vendor:	tp link	model:	nc250	scope:	eq	version:	1.3.0 build 200304	Trust: 0.8
vendor:	tp link	model:	nc260	scope:	eq	version:	1.5.2 build 200304	Trust: 0.8
vendor:	tp link	model:	nc450	scope:	eq	version:	1.5.3 build 200304	Trust: 0.8
vendor:	tp link	model:	cloud cameras nc200 build	scope:	lte	version:	<=2.1.9200225	Trust: 0.6
vendor:	tp link	model:	cloud cameras nc210 build	scope:	lte	version:	<=1.0.9200304	Trust: 0.6
vendor:	tp link	model:	cloud cameras nc220 build	scope:	lte	version:	<=1.3.0200304	Trust: 0.6
vendor:	tp link	model:	cloud cameras nc230 build	scope:	lte	version:	<=1.3.0200304	Trust: 0.6
vendor:	tp link	model:	cloud cameras nc250 build	scope:	lte	version:	<=1.3.0200304	Trust: 0.6
vendor:	tp link	model:	cloud cameras nc260 build	scope:	lte	version:	<=1.5.2200304	Trust: 0.6
vendor:	tp link	model:	cloud cameras nc450 build	scope:	lte	version:	<=1.5.3200304	Trust: 0.6

sources: CNVD: CNVD-2020-26465 // JVNDB: JVNDB-2020-005124 // NVD: CVE-2020-12109

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12109
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-005124
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-26465
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202005-007
value:	HIGH
Trust: 0.6
VULMON:	CVE-2020-12109
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-12109
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-005124
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-26465
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-12109
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-005124
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-26465 // VULMON: CVE-2020-12109 // JVNDB: JVNDB-2020-005124 // CNNVD: CNNVD-202005-007 // NVD: CVE-2020-12109

PROBLEMTYPE DATA

problemtype:

CWE-78

Trust: 1.8

sources: JVNDB: JVNDB-2020-005124 // NVD: CVE-2020-12109

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-007

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202005-007

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005124

PATCH

title:	Security Advisory	url:	https://www.tp-link.com/us/press/security-advisory/	Trust: 0.8
title:	Patch for TP-LINK Cloud Cameras NCXXX series authorized RCE vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/216249	Trust: 0.6
title:	Multiple TP-Link Product operating system command injection vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118600	Trust: 0.6
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2020-12109	Trust: 0.1

sources: CNVD: CNVD-2020-26465 // VULMON: CVE-2020-12109 // JVNDB: JVNDB-2020-005124 // CNNVD: CNNVD-202005-007

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12109	Trust: 3.1
db:	PACKETSTORM	id:	157531	Trust: 2.5
db:	PACKETSTORM	id:	159222	Trust: 1.7
db:	JVNDB	id:	JVNDB-2020-005124	Trust: 0.8
db:	CNVD	id:	CNVD-2020-26465	Trust: 0.6
db:	CNNVD	id:	CNNVD-202005-007	Trust: 0.6
db:	VULMON	id:	CVE-2020-12109	Trust: 0.1

sources: CNVD: CNVD-2020-26465 // VULMON: CVE-2020-12109 // JVNDB: JVNDB-2020-005124 // CNNVD: CNNVD-202005-007 // NVD: CVE-2020-12109

REFERENCES

url:	http://packetstormsecurity.com/files/157531/tp-link-cloud-cameras-ncxxx-bonjour-command-injection.html	Trust: 3.2
url:	http://packetstormsecurity.com/files/159222/tp-link-cloud-cameras-ncxxx-bonjour-command-injection.html	Trust: 2.3
url:	https://seclists.org/fulldisclosure/2020/may/2	Trust: 1.7
url:	https://www.tp-link.com/us/security	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12109	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12109	Trust: 0.8
url:	https://www.tp-link.com	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/78.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2020-12109	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2020-26465 // VULMON: CVE-2020-12109 // JVNDB: JVNDB-2020-005124 // CNNVD: CNNVD-202005-007 // NVD: CVE-2020-12109

CREDITS

Pietro Oliva

Trust: 0.6

sources: CNNVD: CNNVD-202005-007

SOURCES

db:	CNVD	id:	CNVD-2020-26465
db:	VULMON	id:	CVE-2020-12109
db:	JVNDB	id:	JVNDB-2020-005124
db:	CNNVD	id:	CNNVD-202005-007
db:	NVD	id:	CVE-2020-12109

LAST UPDATE DATE

2024-11-23T22:37:23.982000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-26465	date:	2020-05-06T00:00:00
db:	VULMON	id:	CVE-2020-12109	date:	2023-01-20T00:00:00
db:	JVNDB	id:	JVNDB-2020-005124	date:	2020-06-08T00:00:00
db:	CNNVD	id:	CNNVD-202005-007	date:	2020-09-21T00:00:00
db:	NVD	id:	CVE-2020-12109	date:	2024-11-21T04:59:15.907

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-26465	date:	2020-05-06T00:00:00
db:	VULMON	id:	CVE-2020-12109	date:	2020-05-04T00:00:00
db:	JVNDB	id:	JVNDB-2020-005124	date:	2020-06-08T00:00:00
db:	CNNVD	id:	CNNVD-202005-007	date:	2020-05-01T00:00:00
db:	NVD	id:	CVE-2020-12109	date:	2020-05-04T16:15:12.087