Clickjacking Vulnerability in TP-Link TL-SG108E Network Switch
CVE-2025-0729

6.9MEDIUM

Key Information:

Vendor
Tp-link
Status
Tl-sg108e
Vendor
CVE Published:
27 January 2025

Summary

A vulnerability exists in the TP-Link TL-SG108E switch that allows attackers to exploit clickjacking techniques. This remote attack can manipulate users into unknowingly interacting with elements of the web interface. Users are strongly advised to upgrade to version 1.0.0 Build 20250124 Rel. 54920(Beta) to mitigate this issue, as the vendor has proactively provided a pre-fix for affected customers.

Affected Version(s)

TL-SG108E 1.0.0 Build 20201208 Rel. 40304

References

https://vuldb.com/?id.293507
vdb-entry
https://vuldb.com/?ctiid.293507
signaturepermissions-required
https://vuldb.com/?submit.478451
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

error404unknown (VulDB User)
.