Vulnerabilities (CVE)

Filtered by vendor Tp-link Subscribe
Filtered by product C2
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8220 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-11-21 9.0 HIGH 9.9 CRITICAL
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.
CVE-2017-8219 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI.
CVE-2017-8218 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.
CVE-2017-8217 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface.