CVE-2021-28857

HIGH

Tp-link Tl-wpa4220 Firmware - Insufficiently Protected Credentials

Title source: rule

Description

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.

References (1)

Scores

CVSS v3 7.5
EPSS 0.0033
EPSS Percentile 55.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-522
Status published

Affected Products (1)

tp-link/tl-wpa4220_firmware

Timeline

Published Jun 15, 2021
Tracked Since Feb 18, 2026