Array Index Error in TP-Link Managed Switches
CVE-2021-31658

8.1HIGH

Key Information:

Vendor

Tp-link
Status
Tl-sg2005 Firmware
Vendor
CVE Published:
10 June 2021

What is CVE-2021-31658?

An array index error in TP-Link managed switches such as the TL-SG2005 and TL-SG2008 allows for improper handling of device description data. The vulnerable interface fails to filter special characters and only checks for data length, leading to application crashes and potential loss of all device configuration. This issue highlights the importance of secure coding practices to validate user inputs and protect critical device information from being compromised.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tp-link.com
x_refsource_MISC
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2...
x_refsource_MISC

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.