CVE-2017-8075

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
References
Link Resource
https://chmod750.com/2017/04/23/vulnerability-disclosure-tp-link/ Exploit Technical Description Third Party Advisory
http://www.securityfocus.com/bid/97983 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:tl-sg108e_firmware:1.1.2:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sg108e:-:*:*:*:*:*:*:*

Information

Published : 2017-04-23 09:59

Updated : 2017-04-27 11:23


NVD link : CVE-2017-8075

Mitre link : CVE-2017-8075


JSON object : View

CWE
CWE-532

Insertion of Sensitive Information into Log File

Advertisement

dedicated server usa

Products Affected

tp-link

  • tl-sg108e_firmware
  • tl-sg108e