Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Tl-Sg108E Firmware Security Vulnerabilities - CVSS Score 5 - 6

cve
cve

CVE-2017-17745

Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter.

5.4CVSS

5.3AI Score

0.001EPSS

2017-12-20 08:29 PM
26
cve
cve

CVE-2017-8078

On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

5.3CVSS

5.4AI Score

0.001EPSS

2017-04-23 04:59 PM
21