CVE-2020-13224

TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow

CVSS v3 8.8 HIGH
CVSS v2.0 9.0 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html	Exploit Third Party Advisory VDB Entry
https://www.tp-link.com/us/security	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-06-17 13:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-13224

Mitre link : CVE-2020-13224

CVE.ORG link : CVE-2020-13224

JSON object : View

Products Affected

tp-link

nc230
nc220
nc200_firmware
nc260
nc210
nc200
nc210_firmware
nc260_firmware
nc450
nc220_firmware
nc230_firmware
nc250_firmware
nc250
nc450_firmware

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2020-13224", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2020-06-17T13:15:11.210", "references": [{"url": "http://packetstormsecurity.com/files/158115/TP-LINK-Cloud-Cameras-NCXXX-Stack-Overflow.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.tp-link.com/us/security", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow"}, {"lang": "es", "value": "Dispositivos TP-LINK NC200 versiones hasta 2.1.10 build 200401, dispositivos NC210 versiones hasta 1.0.10 build 200401, dispositivos NC220 versiones hasta 1.3.1 build 200401, dispositivos NC230 versiones hasta 1.3.1 build 200401, dispositivos NC250 versiones hasta 1.3.1 build 200401, dispositivos NC260 versiones hasta 1.5.3 build_200401, y los dispositivos NC450 versiones hasta 1.5.4 build 200401, presentan un desbordamiento de b\u00fafer"}], "lastModified": "2020-06-24T14:57:16.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4D7C6FD-2B67-425B-9D48-630FEDC538BE", "versionEndIncluding": "2.1.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1856BF12-5B8B-460C-951D-B48DAEFE93F8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc210_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91D46128-D59C-42A9-B61D-44EA99537561", "versionEndIncluding": "1.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc220_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5FD1508-2403-4086-B707-C9EEBDAC9B6D", "versionEndIncluding": "1.3.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09A89384-FA35-492D-B25D-434A049D3A13"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc230_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36109B57-6864-4742-AE6B-F00B68040CA2", "versionEndIncluding": "1.3.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3EDB6A57-0D56-43D2-8D36-EC841D9A7FED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc250_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1880A8F-EFF4-49EC-8B49-1A01A8FD5F52", "versionEndIncluding": "1.3.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C6A3B4E-F357-4E9F-A799-E58E0D593F19"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc260_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A321BB22-14B8-4A7C-AE2A-2406079EADE3", "versionEndIncluding": "1.5.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F82284F-1244-45BC-9F38-956219905C97"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:nc450_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C98B9E3F-71C6-4C80-89B3-22B675BDE87C", "versionEndIncluding": "1.5.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71C122A0-FEC3-4482-A55D-09FA03A47F56"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}