AI Score
Confidence
High
EPSS
Percentile
41.4%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the ‘tid’ and ‘usrlvl’ values in GET requests.
[
{
"cpes": [
"cpe:2.3:h:tp-link:tl-sg2210p:-:*:*:*:*:*:*:*"
],
"vendor": "tp-link",
"product": "tl-sg2210p",
"versions": [
{
"status": "affected",
"version": "v5.0 Build 20211201"
}
],
"defaultStatus": "unknown"
}
]