Vulnerabilities (CVE)

Filtered by vendor Tp-link Subscribe
Total 306 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8077 1 Tp-link 2 Tl-sg108e, Tl-sg108e Firmware 2024-02-04 5.0 MEDIUM 7.5 HIGH
On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
CVE-2017-8075 1 Tp-link 2 Tl-sg108e, Tl-sg108e Firmware 2024-02-04 5.0 MEDIUM 9.8 CRITICAL
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
CVE-2017-8218 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-02-04 10.0 HIGH 9.8 CRITICAL
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.
CVE-2017-8074 1 Tp-link 2 Tl-sg108e, Tl-sg108e Firmware 2024-02-04 5.0 MEDIUM 9.8 CRITICAL
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
CVE-2017-8217 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-02-04 5.0 MEDIUM 5.3 MEDIUM
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface.
CVE-2017-8220 1 Tp-link 4 C2, C20i, C20i Firmware and 1 more 2024-02-04 9.0 HIGH 9.9 CRITICAL
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.