9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
59.7%
TP-Link SG105PE contains an authentication bypass vulnerability (CWE-287).
Under certain conditions, an attacker may impersonate an administrator of the product. As a result, information may be obtained and the product’s settings may be altered with the privilege of the administrator.
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
This vulnerability has been addressed in the firmware “TL-SG105PE(UN) 1.0_1.0.0 Build 20221208”.