CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-28858

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.0%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

https://yunus-shn.medium.com/tp-links-tl-wpa4220-v4-0-cleartext-transmission-of-sensitive-information-40357c778b84
https://yunus-shn.medium.com/tp-links-tl-wpa4220-v4-0-cleartext-transmission-of-sensitive-information-40357c778b84

Products affected by CVE-2021-28858

Tp-Link » Tl-Wpa4220 » Version: 4.0

cpe:2.3:h:tp-link:tl-wpa4220:4.0
Tp-Link » Tl-Wpa4220 Firmware » Version: 4.0.2

cpe:2.3:o:tp-link:tl-wpa4220_firmware:4.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28858

Products

Pricing

Contact Us