Details of VAR-202101-1977

ID

VAR-202101-1977

TITLE

TOPSEC TAP series smart wireless AP devices have unauthorized access vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2020-73270

DESCRIPTION

As a leading enterprise in China's information security industry, Beijing Top Rongxin Technology Co., Ltd. was established in 1995 and headquartered in Beijing. TOPSEC TAP series smart wireless AP devices have an unauthorized access vulnerability. Attackers can use this vulnerability to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

Trust: 0.6

sources: CNVD: CNVD-2020-73270

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-73270

AFFECTED PRODUCTS

vendor:

tianrongxin

model:

tap series smart wireless ap equipment

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2020-73270

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-73270
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-73270
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-73270

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-73270

Trust: 0.6

sources: CNVD: CNVD-2020-73270

SOURCES

db:

CNVD

id:

CNVD-2020-73270

LAST UPDATE DATE

2022-05-04T09:15:33.388000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-73270

date:

2020-12-22T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-73270

date:

2021-01-22T00:00:00