Skip to main content

Tl Sg108E Firmware

9 CVEs product

Monthly

CVE-2025-0730 MEDIUM POC This Month

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tl Sg108E Firmware
NVD VulDB GitHub
CVSS 4.0
6.3
EPSS
0.5%
CVE-2017-17747 MEDIUM POC This Month

Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote attackers to call the logout functionality, triggering a denial of service condition. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Denial Of Service Authentication Bypass Tl Sg108E Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-17746 MEDIUM POC This Month

Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass Tl Sg108E Firmware
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-17745 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS TP-Link Java Tl Sg108E Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-8078 MEDIUM POC This Month

On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass Tl Sg108E Firmware
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-8077 HIGH POC This Week

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass Tl Sg108E Firmware
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-8076 CRITICAL POC Act Now

On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Sg108E Firmware
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-8075 CRITICAL POC Act Now

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Sg108E Firmware
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2017-8074 CRITICAL POC Act Now

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Sg108E Firmware
NVD
CVSS 3.0
9.8
EPSS
1.4%
EPSS 0% CVSS 6.3
MEDIUM POC This Month

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tl Sg108E Firmware
NVD VulDB GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote attackers to call the logout functionality, triggering a denial of service condition. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Denial Of Service Authentication Bypass +1
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass Tl Sg108E Firmware
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS TP-Link Java +1
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass Tl Sg108E Firmware
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass Tl Sg108E Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Sg108E Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Sg108E Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Sg108E Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy