Tp-link Tl-sg108e Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Tp-link Tl-sg108e Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2017-8074 — CVSS 9.8 (critical): On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in…
CVE-2017-8075 — CVSS 9.8 (critical): On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext…
CVE-2017-8076 — CVSS 9.8 (critical): On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build…
CVE-2017-8077 — CVSS 7.5 (high): On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build…
CVE-2017-17746 — CVSS 6.8 (medium): Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access…
CVE-2017-17747 — CVSS 6.5 (medium): Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote attackers to call the logout…
CVE-2017-17745 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit…
CVE-2017-8078 — CVSS 5.3 (medium): On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called…
CVE-2025-0730 — CVSS 3.7 (low): A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown…