CVE-2017-8218

N/A

Description

vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.

CVE Details

CVSS v3.1 ScoreN/A

Published4/25/2017

Last Modified4/20/2025

Sourcenvd

Honeypot Sightings0

Affected Products

tp-link:c2tp-link:c20itp-link:c20i_firmwaretp-link:c2_firmware

Weaknesses (CWE)

CWE-1188

References

https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.html(cve@mitre.org)

https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.