26 matches found
EUVD-2017-17038
Malware in sbrugna...
EUVD-2017-17037
Malware in sbrugna...
EUVD-2017-17040
Malware in sbrugna...
EUVD-2017-17039
Malware in sbrugna...
EUVD-2017-8899
Malware in sbrugna...
EUVD-2025-1839
Malicious code in bioql PyPI...
CVE-2025-0729
A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124 Rel. 54920Beta is...
CVE-2017-8076
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...
CVE-2025-0730
A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usraccountset.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request...
CVE-2025-0730
A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usraccountset.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request...
CVE-2025-0729
A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124 Rel. 54920Beta is...
CVE-2025-0730 TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query strings
A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usraccountset.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request...
CVE-2025-0730
CVE-2025-0730 affects TP-Link TL-SG108E (version 1.0.0 Build 20201208 Rel. 40304). The vulnerability is in an unknown function of the HTTP GET Request Handler for /usr_account_set.cgi, where manipulating the username/password parameters in a GET request can disclose sensitive query data and is po...
CVE-2025-0729 TP-Link TL-SG108E clickjacking
A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124 Rel. 54920Beta is...
TP-LINK TL-SG108E 安全漏洞
TP-LINK TL-SG108E is a smart switch from China P&L TP-LINK. A security vulnerability exists in TP-Link TL-SG108E version 1.0.0 Build 20201208 Rel.40304, which stems from a parameter username/password in the file /usraccountset.cgi that can lead to the use of get request methods with sensitive que...
PT-2025-1309 · Tp Link · Tp-Link Tl-Sg108E
Name of the Vulnerable Software and Affected Versions: TP-Link TL-SG108E versions 1.0.0 Build 20201208 Rel. 40304 Description: A problematic vulnerability exists in the TP-Link TL-SG108E, affecting an unknown function within the /usr account set.cgi file of the HTTP GET Request Handler component...
TP-Link TL-SG108E Denial of Service Vulnerability
The TP-Link TL-SG108E is a Gigabit Ethernet switch from China P&L TP-LINK. A denial of service vulnerability exists in the Device Logout function in the TP-Link TL-SG108E version 1.0.0 due to weak access control. A remote attacker can exploit the vulnerability to invoke the logout function and...
Authentication flaw
Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. The authentication record is stored on the device; thus if an administrator authenticates from a NAT network, the...
Race condition
Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote attackers to call the logout functionality, triggering a denial of service condition...
CVE-2017-17745
Cross-site scripting XSS vulnerability in systemnameset.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter...