{ "document": { "acknowledgments": [ { "names": [ "Arko Dhar" ], "organization": "Redinent Innovations", "summary": "reported this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).", "title": "Legal Notice and Terms of Use" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras.", "title": "Risk evaluation" }, { "category": "other", "text": "Commercial Facilities", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-26-036-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-036-01.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-26-036-01 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-036-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks" } ], "title": "TP-Link Systems Inc. VIGI Series IP Camera", "tracking": { "current_release_date": "2026-02-11T06:00:00.000000Z", "generator": { "date": "2026-02-04T20:02:24.548178Z", "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-26-036-01", "initial_release_date": "2026-02-05T06:00:00.000000Z", "revision_history": [ { "date": "2026-02-05T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" }, { "date": "2026-02-11T06:00:00.000000Z", "legacy_version": "Additional Release 1", "number": "2", "summary": "Updated Headquarters Country to US and corrected reference to TP-Link Systems Inc." } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "<=3.1.0_Build_250820_Rel.57668n", "product": { "name": "TP-Link Systems Inc. VIGI Cx45 Series Models C345, C445: <=3.1.0_Build_250820_Rel.57668n", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "VIGI Cx45 Series Models C345, C445" }, { "branches": [ { "category": "product_version_range", "name": "<=3.1.0_Build_250820_Rel.58873n", "product": { "name": "TP-Link Systems Inc. VIGI Cx55 Series Models C355, C455: <=3.1.0_Build_250820_Rel.58873n", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "VIGI Cx55 Series Models C355, C455" }, { "branches": [ { "category": "product_version_range", "name": "<=3.0.2_Build_250630_Rel.71279n", "product": { "name": "TP-Link Systems Inc. VIGI Cx85 Series Models C385, C485: <=3.0.2_Build_250630_Rel.71279n", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "VIGI Cx85 Series Models C385, C485" }, { "branches": [ { "category": "product_version_range", "name": "<=3.1.0_Build_250625_Rel.65381n", "product": { "name": "TP-Link Systems Inc. VIGI C340S Series: <=3.1.0_Build_250625_Rel.65381n", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "VIGI C340S Series" }, { "branches": [ { "category": "product_version_range", "name": "<=3.1.0_Build_250625_Rel.66601n", "product": { "name": "TP-Link Systems Inc. VIGI C540S Series Models C540S, EasyCam C540S: <=3.1.0_Build_250625_Rel.66601n", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "VIGI C540S Series Models C540S, EasyCam C540S" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250702_Rel.54300n", "product": { "name": "TP-Link Systems Inc. VIGI C540V Series: <=2.1.0_Build_250702_Rel.54300n", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "VIGI C540V Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250702_Rel.54301n", "product": { "name": "TP-Link Systems Inc. VIGI C250 Series: <=2.1.0_Build_250702_Rel.54301n", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "VIGI C250 Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250702_Rel.54294n", "product": { "name": "TP-Link Systems Inc. VIGI Cx50 Series Models C350, C450: <=2.1.0_Build_250702_Rel.54294n", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "VIGI Cx50 Series Models C350, C450" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_251014_Rel.58331n", "product": { "name": "TP-Link Systems Inc. VIGI Cx20I (1.0) Series Models C220I 1.0, C320I 1.0, C420I 1.0: <=2.1.0_Build_251014_Rel.58331n", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "VIGI Cx20I (1.0) Series Models C220I 1.0, C320I 1.0, C420I 1.0" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.44071n", "product": { "name": "TP-Link Systems Inc. VIGI Cx20I (1.20) Series Models C220I 1.20, C320I 1.20, C420I 1.20: <=2.1.0_Build_250701_Rel.44071n", "product_id": "CSAFPID-0010" } } ], "category": "product_name", "name": "VIGI Cx20I (1.20) Series Models C220I 1.20, C320I 1.20, C420I 1.20" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.45506n", "product": { "name": "TP-Link Systems Inc. VIGI Cx30I (1.0) Series Models C230I 1.0, C330I 1.0, C430I 1.0: <=2.1.0_Build_250701_Rel.45506n", "product_id": "CSAFPID-0011" } } ], "category": "product_name", "name": "VIGI Cx30I (1.0) Series Models C230I 1.0, C330I 1.0, C430I 1.0" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.44555n", "product": { "name": "TP-Link Systems Inc. VIGI Cx30I (1.20) Series Models C230I 1.20, C330I 1.20, C430I 1.20: <=2.1.0_Build_250701_Rel.44555n", "product_id": "CSAFPID-0012" } } ], "category": "product_name", "name": "VIGI Cx30I (1.20) Series Models C230I 1.20, C330I 1.20, C430I 1.20" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.46796n", "product": { "name": "TP-Link Systems Inc. VIGI Cx30 (1.0) Series Models C230 1.0, C330 1.0, C430 1.0: <=2.1.0_Build_250701_Rel.46796n", "product_id": "CSAFPID-0013" } } ], "category": "product_name", "name": "VIGI Cx30 (1.0) Series Models C230 1.0, C330 1.0, C430 1.0" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.46796n", "product": { "name": "TP-Link Systems Inc. VIGI Cx30 (1.20) Series Models C230 1.20, C330 1.20, C430 1.20: <=2.1.0_Build_250701_Rel.46796n", "product_id": "CSAFPID-0014" } } ], "category": "product_name", "name": "VIGI Cx30 (1.20) Series Models C230 1.20, C330 1.20, C430 1.20" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.46003n", "product": { "name": "TP-Link Systems Inc. VIGI Cx40I (1.0) Series Models C240I 1.0, C340I 1.0, C440I 1.0: <=2.1.0_Build_250701_Rel.46003n", "product_id": "CSAFPID-0015" } } ], "category": "product_name", "name": "VIGI Cx40I (1.0) Series Models C240I 1.0, C340I 1.0, C440I 1.0" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.45041n", "product": { "name": "TP-Link Systems Inc. VIGI Cx40I (1.20) Series Models C240I 1.20, C340I 1.20, C440I 1.20: <=2.1.0_Build_250701_Rel.45041n", "product_id": "CSAFPID-0016" } } ], "category": "product_name", "name": "VIGI Cx40I (1.20) Series Models C240I 1.20, C340I 1.20, C440I 1.20" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.47570n", "product": { "name": "TP-Link Systems Inc. VIGI C230I Mini Series: <=2.1.0_Build_250701_Rel.47570n", "product_id": "CSAFPID-0017" } } ], "category": "product_name", "name": "VIGI C230I Mini Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.48425n", "product": { "name": "TP-Link Systems Inc. VIGI C240 1.0 Series: <=2.1.0_Build_250701_Rel.48425n", "product_id": "CSAFPID-0018" } } ], "category": "product_name", "name": "VIGI C240 1.0 Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.49304n", "product": { "name": "TP-Link Systems Inc. VIGI C340 2.0 Series: <=2.1.0_Build_250701_Rel.49304n", "product_id": "CSAFPID-0019" } } ], "category": "product_name", "name": "VIGI C340 2.0 Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.49778n", "product": { "name": "TP-Link Systems Inc. VIGI C440 2.0 Series: <=2.1.0_Build_250701_Rel.49778n", "product_id": "CSAFPID-0020" } } ], "category": "product_name", "name": "VIGI C440 2.0 Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.50397n", "product": { "name": "TP-Link Systems Inc. VIGI C540 2.0 Series: <=2.1.0_Build_250701_Rel.50397n", "product_id": "CSAFPID-0021" } } ], "category": "product_name", "name": "VIGI C540 2.0 Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.2.0_Build_250826_Rel.56808n", "product": { "name": "TP-Link Systems Inc. VIGI C540‑4G Series: <=2.2.0_Build_250826_Rel.56808n", "product_id": "CSAFPID-0022" } } ], "category": "product_name", "name": "VIGI C540‑4G Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.1_Build_250717", "product": { "name": "TP-Link Systems Inc. VIGI Cx40‑W Series Models C340‑W 2.0/2.20, C440‑W 2.0, C540‑W 2.0: <=2.1.1_Build_250717", "product_id": "CSAFPID-0023" } } ], "category": "product_name", "name": "VIGI Cx40‑W Series Models C340‑W 2.0/2.20, C440‑W 2.0, C540‑W 2.0" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250701_Rel.39597n", "product": { "name": "TP-Link Systems Inc. VIGI Cx20 Series Models C320, C420: <=2.1.0_Build_250701_Rel.39597n", "product_id": "CSAFPID-0024" } } ], "category": "product_name", "name": "VIGI Cx20 Series Models C320, C420" }, { "branches": [ { "category": "product_version_range", "name": "<=3.1.0_Build_250820_Rel.57668n", "product": { "name": "TP-Link Systems Inc. VIGI InSight Sx45 Series Models S245, S345, S445: <=3.1.0_Build_250820_Rel.57668n", "product_id": "CSAFPID-0025" } } ], "category": "product_name", "name": "VIGI InSight Sx45 Series Models S245, S345, S445" }, { "branches": [ { "category": "product_version_range", "name": "<=3.1.0_Build_250820_Rel.58873n", "product": { "name": "TP-Link Systems Inc. VIGI InSight Sx55 Series Models S355, S455: <=3.1.0_Build_250820_Rel.58873n", "product_id": "CSAFPID-0026" } } ], "category": "product_name", "name": "VIGI InSight Sx55 Series Models S355, S455" }, { "branches": [ { "category": "product_version_range", "name": "<=3.0.2_Build_250630_Rel.71279n", "product": { "name": "TP-Link Systems Inc. VIGI InSight Sx85 Series Models S285, S385: <=3.0.2_Build_250630_Rel.71279n", "product_id": "CSAFPID-0027" } } ], "category": "product_name", "name": "VIGI InSight Sx85 Series Models S285, S385" }, { "branches": [ { "category": "product_version_range", "name": "<=1.2.0_Build_250820_Rel.60930n", "product": { "name": "TP-Link Systems Inc. VIGI InSight Sx45ZI Series Models S245ZI, S345ZI, S445ZI: <=1.2.0_Build_250820_Rel.60930n", "product_id": "CSAFPID-0028" } } ], "category": "product_name", "name": "VIGI InSight Sx45ZI Series Models S245ZI, S345ZI, S445ZI" }, { "branches": [ { "category": "product_version_range", "name": "<=1.2.0_Build_250827_Rel.66817n", "product": { "name": "TP-Link Systems Inc. VIGI InSight Sx85PI Series Models S385PI, S485PI: <=1.2.0_Build_250827_Rel.66817n", "product_id": "CSAFPID-0029" } } ], "category": "product_name", "name": "VIGI InSight Sx85PI Series Models S385PI, S485PI" }, { "branches": [ { "category": "product_version_range", "name": "<=1.1.1_Build_250625_Rel.64224n", "product": { "name": "TP-Link Systems Inc. VIGI InSight S655I Series: <=1.1.1_Build_250625_Rel.64224n", "product_id": "CSAFPID-0030" } } ], "category": "product_name", "name": "VIGI InSight S655I Series" }, { "branches": [ { "category": "product_version_range", "name": "<=2.1.0_Build_250725_Rel.36867n", "product": { "name": "TP-Link Systems Inc. VIGI InSight S345‑4G Series: <=2.1.0_Build_250725_Rel.36867n", "product_id": "CSAFPID-0031" } } ], "category": "product_name", "name": "VIGI InSight S345‑4G Series" }, { "branches": [ { "category": "product_version_range", "name": "<=1.1.0_Build_250630_Rel.39597n", "product": { "name": "TP-Link Systems Inc. VIGI InSight Sx25 Series Models S225, S325, S425: <=1.1.0_Build_250630_Rel.39597n", "product_id": "CSAFPID-0032" } } ], "category": "product_name", "name": "VIGI InSight Sx25 Series Models S225, S325, S425" } ], "category": "vendor", "name": "TP-Link Systems Inc." } ] }, "vulnerabilities": [ { "cve": "CVE-2026-0629", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "An authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.", "title": "Vulnerability Summary" }, { "category": "details", "text": "SSVCv2/E:N/A:N/2026-02-04T06:00:00.000000Z", "title": "SSVC" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ] }, "references": [ { "category": "external", "summary": "cwe.mitre.org", "url": "https://cwe.mitre.org/data/definitions/287.html" }, { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2026-0629" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "TP-Link Systems Inc. strongly recommends that users with affected devices take the following actions:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ] }, { "category": "mitigation", "details": "Download and update to the latest firmware version to fix the vulnerability from the following links.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ] }, { "category": "mitigation", "details": "United States users should visit the TP-Link US Download Center here: https://www.vigi.com/us/support/download/.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ], "url": "https://www.vigi.com/us/support/download/" }, { "category": "mitigation", "details": "Global English users should visit the TP-Link EN Download Center:https://www.vigi.com/es/support/download/.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ], "url": "https://www.vigi.com/es/support/download/" }, { "category": "mitigation", "details": "India users should visit the TP-Link India Download Center:https://www.vigi.com/in/support/download/.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ], "url": "https://www.vigi.com/in/support/download/" }, { "category": "mitigation", "details": "Please visit https://www.tp-link.com/us/support/faq/4906/ for the TP-Link advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ], "url": "https://www.tp-link.com/us/support/faq/4906/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032" ] } ] } ] }