Vulnerability Details CVE-2020-12110
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
Products affected by CVE-2020-12110
-
cpe:2.3:h:tp-link:nc200:-
-
cpe:2.3:h:tp-link:nc210:-
-
cpe:2.3:h:tp-link:nc220:-
-
cpe:2.3:h:tp-link:nc230:-
-
cpe:2.3:h:tp-link:nc250:-
-
cpe:2.3:h:tp-link:nc260:-
-
cpe:2.3:h:tp-link:nc450:-
-
cpe:2.3:o:tp-link:nc200_firmware:2.1.6
-
cpe:2.3:o:tp-link:nc200_firmware:2.1.9
-
cpe:2.3:o:tp-link:nc210_firmware:1.0.3
-
cpe:2.3:o:tp-link:nc210_firmware:1.0.4
-
cpe:2.3:o:tp-link:nc210_firmware:1.0.9
-
cpe:2.3:o:tp-link:nc220_firmware:1.2.0
-
cpe:2.3:o:tp-link:nc220_firmware:1.3.0
-
cpe:2.3:o:tp-link:nc230_firmware:1.0.3
-
cpe:2.3:o:tp-link:nc230_firmware:1.2.1
-
cpe:2.3:o:tp-link:nc230_firmware:1.3.0
-
cpe:2.3:o:tp-link:nc250_firmware:1.0.10
-
cpe:2.3:o:tp-link:nc250_firmware:1.0.8
-
cpe:2.3:o:tp-link:nc250_firmware:1.2.1
-
cpe:2.3:o:tp-link:nc250_firmware:1.3.0
-
cpe:2.3:o:tp-link:nc260_firmware:1.0.5
-
cpe:2.3:o:tp-link:nc260_firmware:1.0.6
-
cpe:2.3:o:tp-link:nc260_firmware:1.4.1
-
cpe:2.3:o:tp-link:nc260_firmware:1.5.0
-
cpe:2.3:o:tp-link:nc260_firmware:1.5.2
-
cpe:2.3:o:tp-link:nc450_firmware:1.0.15
-
cpe:2.3:o:tp-link:nc450_firmware:1.1.2
-
cpe:2.3:o:tp-link:nc450_firmware:1.3.4
-
cpe:2.3:o:tp-link:nc450_firmware:1.5.3