CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-10796

On TP-Link NC250 devices with firmware through 1.2.1 build 170515, anyone can view video and audio without authentication via an rtsp://admin@yourip:554/h264_hd.sdp URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.4%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 3.3

References

https://gist.github.com/elbauldelgeek/8f0f24c582f43f51a34b34420a385d75
https://gist.github.com/elbauldelgeek/8f0f24c582f43f51a34b34420a385d75

Products affected by CVE-2017-10796

Tp-Link » Nc250 » Version: N/A

cpe:2.3:h:tp-link:nc250:-
Tp-Link » Nc250 Firmware » Version: 1.0.10

cpe:2.3:o:tp-link:nc250_firmware:1.0.10
Tp-Link » Nc250 Firmware » Version: 1.0.8

cpe:2.3:o:tp-link:nc250_firmware:1.0.8
Tp-Link » Nc250 Firmware » Version: 1.2.1

cpe:2.3:o:tp-link:nc250_firmware:1.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-10796

Products

Pricing

Contact Us