PT-2021-17968 · Tp Link · Tl-Wpa4220
Published
2021-06-15
·
Updated
2021-06-23
·
CVE-2021-28858
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
TL-WPA4220 version 4.0.2 Build 20180308 Rel.37064
Description:
The issue concerns the lack of SSL usage by default, allowing an attacker on the local network to monitor traffic and capture sensitive information such as cookies.
Recommendations:
For TL-WPA4220 version 4.0.2 Build 20180308 Rel.37064, consider enabling SSL to encrypt the traffic and protect sensitive information. As a temporary workaround, restrict access to the local network to minimize the risk of exploitation.
Exploit
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tl-Wpa4220