Tp Link · Tp-Link Nc250 · CVE-2017-10796
**Name of the Vulnerable Software and Affected Versions**
TP-Link NC250 versions prior to 1.2.1 build 170515
**Description**
The issue allows unauthorized access to video and audio streams. An attacker can view video and audio without authentication by accessing the "rtsp://admin@yourip:554/h264 hd.sdp" URL.
**Recommendations**
For TP-Link NC250 versions prior to 1.2.1 build 170515, consider restricting access to the rtsp URL until a patch is available. Avoid using the default admin credentials in the rtsp URL to minimize the risk of exploitation.