{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:26:10.661","vulnerabilities":[{"cve":{"id":"CVE-2020-12109","sourceIdentifier":"cve@mitre.org","published":"2020-05-04T16:15:12.087","lastModified":"2024-11-21T04:59:15.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304."},{"lang":"es","value":"Ciertos dispositivos TP-Link permiten una inyección de comandos. Esto afecta a NC200 versión 2.1.9 build 200225, NC210 versión 1.0.9 build 200304, NC220 versión 1.3.0 build 200304, NC230 versión 1.3.0 build 200304, NC250 versión 1.3.0 build 200304, NC260 versión 1.5.2 build 200304, y NC450 versión 1.5.3 build 200304."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc200_firmware:2.1.6:160108_b:*:*:*:*:*:*","matchCriteriaId":"C49E1583-39DF-4BFB-BB80-F9F2118DECB8"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc200_firmware:2.1.9:200225:*:*:*:*:*:*","matchCriteriaId":"91F2DC6B-5C4F-49DE-8464-78F750A09135"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc200:-:*:*:*:*:*:*:*","matchCriteriaId":"1856BF12-5B8B-460C-951D-B48DAEFE93F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc210_firmware:1.0.3:160229:*:*:*:*:*:*","matchCriteriaId":"ACC9C2F6-C933-4EAC-AF64-743063F6CF54"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc210_firmware:1.0.4:160412:*:*:*:*:*:*","matchCriteriaId":"D2CA6ACA-92A7-4F9C-9897-8841FE8514E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc210_firmware:1.0.9:200304:*:*:*:*:*:*","matchCriteriaId":"12008577-3A10-4C23-A237-AC628D10D8E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc210:-:*:*:*:*:*:*:*","matchCriteriaId":"32E1DC59-F58C-4FB4-A3C0-9A4F8290F8E8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc220_firmware:1.2.0:170516:*:*:*:*:*:*","matchCriteriaId":"456A7C77-6DDF-40E0-A972-669EDFB5D82F"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc220_firmware:1.3.0:180105:*:*:*:*:*:*","matchCriteriaId":"5C11C3AF-540C-4DAF-BF69-96C394D4B43F"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc220_firmware:1.3.0:200304:*:*:*:*:*:*","matchCriteriaId":"A47A572A-5DE5-46B2-A942-698286872029"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc220:-:*:*:*:*:*:*:*","matchCriteriaId":"09A89384-FA35-492D-B25D-434A049D3A13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc230_firmware:1.0.3:160108:*:*:*:*:*:*","matchCriteriaId":"AC051CDE-5054-4925-8D14-B286D01E46B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc230_firmware:1.2.1:170515:*:*:*:*:*:*","matchCriteriaId":"CA09DB0A-47A0-44D9-AABD-2C335B502B0F"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc230_firmware:1.3.0:200304:*:*:*:*:*:*","matchCriteriaId":"BC2CCFDD-290A-46FA-9DC2-8CBAE96258DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc230:-:*:*:*:*:*:*:*","matchCriteriaId":"3EDB6A57-0D56-43D2-8D36-EC841D9A7FED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc250_firmware:1.0.8:160108:*:*:*:*:*:*","matchCriteriaId":"488217FC-C02C-4AA3-AD0E-26679E5912FF"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc250_firmware:1.0.10:160321:*:*:*:*:*:*","matchCriteriaId":"D2E08C60-2422-4135-B02F-B605386DC314"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc250_firmware:1.2.1:170515:*:*:*:*:*:*","matchCriteriaId":"6EB1C532-D019-4EB8-93A0-15FE8DFC07B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc250_firmware:1.3.0:200304:*:*:*:*:*:*","matchCriteriaId":"4BC014D7-461C-4B63-B79F-B41C55508027"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc250:-:*:*:*:*:*:*:*","matchCriteriaId":"3C6A3B4E-F357-4E9F-A799-E58E0D593F19"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc260_firmware:1.0.5:160804:*:*:*:*:*:*","matchCriteriaId":"B4227D23-DF7F-484C-8508-341ED2744B52"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc260_firmware:1.0.6:161114:*:*:*:*:*:*","matchCriteriaId":"2E7D5E76-892D-46B1-BD46-BD34E0CDFC22"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc260_firmware:1.4.1:180720:*:*:*:*:*:*","matchCriteriaId":"C23AB02F-00DA-4844-96EE-6E3976BB5065"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc260_firmware:1.5.0:181123:*:*:*:*:*:*","matchCriteriaId":"3F23255A-C021-4B25-86A8-029007EF4D73"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc260_firmware:1.5.2:200304:*:*:*:*:*:*","matchCriteriaId":"54C3D856-5E56-4539-8437-495DCA5CB59E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc260:-:*:*:*:*:*:*:*","matchCriteriaId":"0F82284F-1244-45BC-9F38-956219905C97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc450_firmware:1.0.15:160920:*:*:*:*:*:*","matchCriteriaId":"B98EA7FE-B277-44F1-99CD-393FB13D4CC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc450_firmware:1.1.2:161013:*:*:*:*:*:*","matchCriteriaId":"72C02D43-51C5-480B-8957-99C9202E87DC"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc450_firmware:1.3.4:171130:*:*:*:*:*:*","matchCriteriaId":"B1755D43-FD92-4DAE-B438-711A665C5790"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:nc450_firmware:1.5.3:200304:*:*:*:*:*:*","matchCriteriaId":"59F5150F-6D80-4B94-9EA6-A20EF1AC7060"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:nc450:-:*:*:*:*:*:*:*","matchCriteriaId":"71C122A0-FEC3-4482-A55D-09FA03A47F56"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://seclists.org/fulldisclosure/2020/May/2","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.tp-link.com/us/security","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://seclists.org/fulldisclosure/2020/May/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.tp-link.com/us/security","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}