CVE-2013-3688

2022-10-0316:14:45

CWE-264

[email protected]

web.nvd.nist.gov

cve-2013-3688

tp-link

ip cameras

denial of service

remote attack

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

7.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.1%

JSON

The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to (1) cause a denial of service (device reboot) via a request to cgi-bin/reboot or (2) cause a denial of service (reboot and reset to factory defaults) via a request to cgi-bin/hardfactorydefault.

Affected configurations

NVD

Node

tp-linktl-sc3130Match-

tp-linktl-sc3130gMatch-

tp-linktl-sc3171Match-

tp-linktl-sc3171gMatch-

AND

tp-linklm_firmwareRange≤1.6.18p12_sign5

CPENameOperatorVersion
tp-link:tl-sc3130tp-link tl-sc3130eq-
tp-link:tl-sc3130gtp-link tl-sc3130geq-
tp-link:tl-sc3171tp-link tl-sc3171eq-
tp-link:tl-sc3171gtp-link tl-sc3171geq-
tp-link:lm_firmwaretp-link lm firmwarele1.6.18p12_sign5

CPE	Name	Operator	Version
tp-link:tl-sc3130	tp-link tl-sc3130	eq	-
tp-link:tl-sc3130g	tp-link tl-sc3130g	eq	-
tp-link:tl-sc3171	tp-link tl-sc3171	eq	-
tp-link:tl-sc3171g	tp-link tl-sc3171g	eq	-
tp-link:lm_firmware	tp-link lm firmware	le	1.6.18p12_sign5