CVE-2021-28858

2021-06-1521:51:50

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.9%

JSON

TP-Link’s TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

References

yunus-shn.medium.com/tp-links-tl-wpa4220-v4-0-cleartext-transmission-of-sensitive-information-40357c778b84