CVE-2020-12109
Summary
| CVE | CVE-2020-12109 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-05-04 16:15:00 UTC |
| Updated | 2023-01-20 18:24:00 UTC |
| Description | Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. |
Risk And Classification
Problem Types: CWE-78
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Tp-link | Nc200 | - | All | All | All |
| Hardware | Tp-link | Nc200 | - | All | All | All |
| Operating System | Tp-link | Nc200 Firmware | 2.1.6 | 160108_b | All | All |
| Operating System | Tp-link | Nc200 Firmware | 2.1.9 | 200225 | All | All |
| Operating System | Tp-link | Nc200 Firmware | 2.1.6 | 160108_b | All | All |
| Operating System | Tp-link | Nc200 Firmware | 2.1.9 | 200225 | All | All |
| Hardware | Tp-link | Nc210 | - | All | All | All |
| Hardware | Tp-link | Nc210 | - | All | All | All |
| Operating System | Tp-link | Nc210 Firmware | 1.0.3 | 160229 | All | All |
| Operating System | Tp-link | Nc210 Firmware | 1.0.4 | 160412 | All | All |
| Operating System | Tp-link | Nc210 Firmware | 1.0.9 | 200304 | All | All |
| Operating System | Tp-link | Nc210 Firmware | 1.0.3 | 160229 | All | All |
| Operating System | Tp-link | Nc210 Firmware | 1.0.4 | 160412 | All | All |
| Operating System | Tp-link | Nc210 Firmware | 1.0.9 | 200304 | All | All |
| Hardware | Tp-link | Nc220 | - | All | All | All |
| Hardware | Tp-link | Nc220 | - | All | All | All |
| Operating System | Tp-link | Nc220 Firmware | 1.2.0 | 170516 | All | All |
| Operating System | Tp-link | Nc220 Firmware | 1.3.0 | 180105 | All | All |
| Operating System | Tp-link | Nc220 Firmware | 1.3.0 | 200304 | All | All |
| Operating System | Tp-link | Nc220 Firmware | 1.2.0 | 170516 | All | All |
| Operating System | Tp-link | Nc220 Firmware | 1.3.0 | 180105 | All | All |
| Operating System | Tp-link | Nc220 Firmware | 1.3.0 | 200304 | All | All |
| Hardware | Tp-link | Nc230 | - | All | All | All |
| Hardware | Tp-link | Nc230 | - | All | All | All |
| Operating System | Tp-link | Nc230 Firmware | 1.0.3 | 160108 | All | All |
| Operating System | Tp-link | Nc230 Firmware | 1.2.1 | 170515 | All | All |
| Operating System | Tp-link | Nc230 Firmware | 1.3.0 | 200304 | All | All |
| Operating System | Tp-link | Nc230 Firmware | 1.0.3 | 160108 | All | All |
| Operating System | Tp-link | Nc230 Firmware | 1.2.1 | 170515 | All | All |
| Operating System | Tp-link | Nc230 Firmware | 1.3.0 | 200304 | All | All |
| Hardware | Tp-link | Nc250 | - | All | All | All |
| Hardware | Tp-link | Nc250 | - | All | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.0.10 | 160321 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.0.8 | 160108 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.2.1 | 170515 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.3.0 | 200304 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.0.10 | 160321 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.0.8 | 160108 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.2.1 | 170515 | All | All |
| Operating System | Tp-link | Nc250 Firmware | 1.3.0 | 200304 | All | All |
| Hardware | Tp-link | Nc260 | - | All | All | All |
| Hardware | Tp-link | Nc260 | - | All | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.0.5 | 160804 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.0.6 | 161114 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.4.1 | 180720 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.5.0 | 181123 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.5.2 | 200304 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.0.5 | 160804 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.0.6 | 161114 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.4.1 | 180720 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.5.0 | 181123 | All | All |
| Operating System | Tp-link | Nc260 Firmware | 1.5.2 | 200304 | All | All |
| Hardware | Tp-link | Nc450 | - | All | All | All |
| Hardware | Tp-link | Nc450 | - | All | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.0.15 | 160920 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.1.2 | 161013 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.3.4 | 171130 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.5.3 | 200304 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.0.15 | 160920 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.1.2 | 161013 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.3.4 | 171130 | All | All |
| Operating System | Tp-link | Nc450 Firmware | 1.5.3 | 200304 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| TP-Link Cloud Cameras NCXXX Bonjour Command Injection ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Full Disclosure: TP-LINK Cloud Cameras NCXXX Bonjour Command Injection | MISC | seclists.org | Exploit, Mailing List, Third Party Advisory |
| TP-LINK Cloud Cameras NCXXX Bonjour Command Injection ≈ Packet Storm | MISC | packetstormsecurity.com | Exploit, Third Party Advisory, VDB Entry |
| TP-Link - Security Advisory | TP-Link | MISC | www.tp-link.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.