Hard-Coded Ciphering Key in TP-Link Ethernet Switch
CVE-2017-8077

7.5HIGH

Key Information:

Vendor: Tp-link
Status: Tl-sg108e Firmware
Vendor: CVE Published:; 3 October 2022

What is CVE-2017-8077?

The TP-Link TL-SG108E 1.0 contains a hard-coded ciphering key that can compromise the security of the device, allowing potential attackers to exploit this flaw. This vulnerability impacts devices running firmware version 1.1.2 Build 20141017 Rel.50749, making it essential for users to review their device configurations and apply any necessary updates to enhance their network security.

References

https://chmod750.com/2017/04/23/vulnerability-disclosure-...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2022
Vulnerability Reserved
Oct 3, 2022

Tp-link

What is CVE-2017-8077?

References

CVSS V3.1

Timeline