TP-Link Patches Multiple Vulnerabilities in NC Cloud Cameras

[silversurfer]

Content source

https://www.securityweek.com/tp-link-patches-multiple-vulnerabilities-nc-cloud-cameras

TP-Link has released firmware updates to address several vulnerabilities in its NC series cloud cameras, including bugs that could lead to the remote execution of arbitrary commands.

Tracked as CVE-2020-12111, the first of the command injection flaws impacts the NC260 and NC450 models and could be abused to remotely execute commands as root on affected devices.

The second command injection bug, CVE-2020-12109, impacts TP-Link NC200, NC210, NC220, NC230, NC250, NC260, and NC450 cloud cameras.

In addition to these two vulnerabilities, TP-Link addressed a hardcoded encryption key issue in NC200, NC210, NC220, NC230, NC250, NC260, and NC450 device models. Tracked as CVE-2020-12110, [....]