6 matches found
The vulnerability of TP-Link JetStream TL-SG2210P microprogramming software lies in the incorrect limitation of the path name to the restricted access directory, allowing attackers to escalate their privileges.
The vulnerability of TP-Link JetStream TL-SG2210P switch’s microprogramming software is related to an incorrect restriction on the path name of the restricted access directory. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
CVE-2023-43318
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests...
Design/Logic Flaw
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests...
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation Vulnerability
Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC + twitter.com/striv3r Vendor Tp-Link http://tp-link.com Product JetStream Smart Switch - TL-SG2210P v5.0 Build 20211201 Vulnerability Type Improper Access Control Affected Product Code Base JetStream Smart Switch - TL-SG2210P...
TP-LINK JetStream Smart Switch TL-SG2210P Security Breach
The TP-LINK JetStream Smart Switch TL-SG2210P is a smart switch from China P&L TP-LINK. A security vulnerability exists in TP-LINK JetStream Smart Switch TL-SG2210P version 5.0 Build 20211201, which originated from a vulnerability that allows an attacker to elevate privileges by modifying the tid...
CVE-2023-43318
Summary: CVE-2023-43318 affects TP-Link JetStream Smart Switch TL-SG2210P (v5.0, Build 20211201). Affects the webconsole endpoints under usermanagement/swtmactablecfg, where privilege escalation is possible by modifying the GET parameters tid and usrlvl. The issue is described as Improper Access ...