ID

VAR-202203-0288


CVE

CVE-2021-4045


TITLE

Tp-link Tapo C200 Command Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2022-20078 // CNNVD: CNNVD-202203-940

DESCRIPTION

TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera. TP-LINK Technologies of tapo c200 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tp-link Tapo C200 is a network camera device from Tp-link company in China. The vulnerability stems from the uhttpd binary that runs as root by default in the software, which lacks filtering and escaping of command parameters. An unauthenticated attacker could exploit this vulnerability to execute system commands on the system through a special command request

Trust: 2.25

sources: NVD: CVE-2021-4045 // JVNDB: JVNDB-2021-018815 // CNVD: CNVD-2022-20078 // VULMON: CVE-2021-4045

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-20078

AFFECTED PRODUCTS

vendor:tp linkmodel:tapo c200scope:lteversion:1.1.15

Trust: 1.0

vendor:tp linkmodel:tapo c200scope:eqversion: -

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:lteversion:tapo c200 firmware 1.1.15 and earlier

Trust: 0.8

vendor:tp linkmodel:tapo c200scope: - version: -

Trust: 0.8

vendor:tp linkmodel:tapo c200scope:lteversion:<=1.1.15

Trust: 0.6

sources: CNVD: CNVD-2022-20078 // JVNDB: JVNDB-2021-018815 // NVD: CVE-2021-4045

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-4045
value: CRITICAL

Trust: 1.0

cve-coordination@incibe.es: CVE-2021-4045
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-4045
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-20078
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202203-940
value: CRITICAL

Trust: 0.6

VULMON: CVE-2021-4045
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-4045
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-20078
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-4045
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-4045
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-20078 // VULMON: CVE-2021-4045 // JVNDB: JVNDB-2021-018815 // CNNVD: CNNVD-202203-940 // NVD: CVE-2021-4045 // NVD: CVE-2021-4045

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.0

problemtype:Command injection (CWE-77) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-018815 // NVD: CVE-2021-4045

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-940

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-202203-940

PATCH

title:Patch for Tp-link Tapo C200 Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/325786

Trust: 0.6

title:Tp-link Tapo C200 Fixes for command injection vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=185994

Trust: 0.6

title:CVE-2021-4045-PoCurl:https://github.com/hacefresko/CVE-2021-4045-PoC

Trust: 0.1

title: - url:https://github.com/soosmile/POC

Trust: 0.1

sources: CNVD: CNVD-2022-20078 // VULMON: CVE-2021-4045 // CNNVD: CNNVD-202203-940

EXTERNAL IDS

db:NVDid:CVE-2021-4045

Trust: 3.9

db:PACKETSTORMid:168472

Trust: 2.5

db:JVNDBid:JVNDB-2021-018815

Trust: 0.8

db:CNVDid:CNVD-2022-20078

Trust: 0.6

db:CXSECURITYid:WLB-2023020037

Trust: 0.6

db:CXSECURITYid:WLB-2022090065

Trust: 0.6

db:EXPLOIT-DBid:51017

Trust: 0.6

db:CNNVDid:CNNVD-202203-940

Trust: 0.6

db:VULMONid:CVE-2021-4045

Trust: 0.1

sources: CNVD: CNVD-2022-20078 // VULMON: CVE-2021-4045 // JVNDB: JVNDB-2021-018815 // CNNVD: CNNVD-202203-940 // NVD: CVE-2021-4045

REFERENCES

url:https://www.incibe-cert.es/en/early-warning/security-advisories/tp-link-tapo-c200-remote-code-execution-vulnerability

Trust: 3.1

url:http://packetstormsecurity.com/files/168472/tp-link-tapo-c200-1.1.15-remote-code-execution.html

Trust: 3.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4045

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-4045/

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2023020037

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2022090065

Trust: 0.6

url:https://www.exploit-db.com/exploits/51017

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/77.html

Trust: 0.1

url:https://github.com/hacefresko/cve-2021-4045-poc

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2022-20078 // VULMON: CVE-2021-4045 // JVNDB: JVNDB-2021-018815 // CNNVD: CNNVD-202203-940 // NVD: CVE-2021-4045

CREDITS

hacefresko

Trust: 0.6

sources: CNNVD: CNNVD-202203-940

SOURCES

db:CNVDid:CNVD-2022-20078
db:VULMONid:CVE-2021-4045
db:JVNDBid:JVNDB-2021-018815
db:CNNVDid:CNNVD-202203-940
db:NVDid:CVE-2021-4045

LAST UPDATE DATE

2024-08-14T15:06:27.886000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-20078date:2022-03-16T00:00:00
db:VULMONid:CVE-2021-4045date:2022-09-30T00:00:00
db:JVNDBid:JVNDB-2021-018815date:2023-07-06T08:14:00
db:CNNVDid:CNNVD-202203-940date:2023-02-23T00:00:00
db:NVDid:CVE-2021-4045date:2022-09-30T14:46:27.997

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-20078date:2022-03-16T00:00:00
db:VULMONid:CVE-2021-4045date:2022-03-10T00:00:00
db:JVNDBid:JVNDB-2021-018815date:2023-07-06T00:00:00
db:CNNVDid:CNNVD-202203-940date:2022-03-10T00:00:00
db:NVDid:CVE-2021-4045date:2022-03-10T17:44:51.300