Clickjacking Vulnerability in TP-Link TL-SG108E Network Switch
CVE-2025-0729

6.9MEDIUM

Key Information:

Vendor: Tp-link
Status: Tl-sg108e
Vendor: CVE Published:; 27 January 2025

What is CVE-2025-0729?

A vulnerability exists in the TP-Link TL-SG108E switch that allows attackers to exploit clickjacking techniques. This remote attack can manipulate users into unknowingly interacting with elements of the web interface. Users are strongly advised to upgrade to version 1.0.0 Build 20250124 Rel. 54920(Beta) to mitigate this issue, as the vendor has proactively provided a pre-fix for affected customers.

Affected Version(s)

TL-SG108E 1.0.0 Build 20201208 Rel. 40304

References

https://vuldb.com/?id.293507

vdb-entry

https://vuldb.com/?ctiid.293507

signaturepermissions-required

https://vuldb.com/?submit.478451

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Jan 27, 2025

Credit

error404unknown (VulDB User)

Tp-link

What is CVE-2025-0729?

Affected Version(s)

References

CVSS V4

Timeline

Credit