CVE-2020-11445

MEDIUM

TP-Link Cloud Cameras <2020-02-09 - Auth Bypass

Title source: llm

Description

TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855.

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://www.cnvd.org.cn/flaw/show/1916613

Scores

CVSS v3 5.3

EPSS 0.0022

EPSS Percentile 44.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published

Products (15)

tp-link/kc200_firmware < 2020-02-09

tp-link/kc300s2_firmware < 2020-02-09

tp-link/kc310s2_firmware < 2020-02-09

tp-link/nc200_firmware < 2020-02-09

tp-link/nc210_firmware < 2020-02-09

tp-link/nc220_firmware < 2020-02-09

tp-link/nc230_firmware < 2020-02-09

tp-link/nc250_firmware < 2020-02-09

tp-link/nc260_firmware < 2020-02-09

tp-link/nc450_firmware < 2020-02-09

... and 5 more

Published Apr 01, 2020

Tracked Since Feb 18, 2026