Vulnerability Details CVE-2020-28005
httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.5
References
Products affected by CVE-2020-28005
-
cpe:2.3:h:tp-link:tl-wpa4220:v2
-
cpe:2.3:h:tp-link:tl-wpa4220:v3
-
cpe:2.3:h:tp-link:tl-wpa4220:v4
-
cpe:2.3:o:tp-link:tl-wpa4220_firmware:-
-
cpe:2.3:o:tp-link:tl-wpa4220_firmware:4.0.2
-
cpe:2.3:o:tp-link:tl-wpa4220_firmware:tl-wpa4220(eu)_v4_201023