CVE-2017-17746

Name of the Vulnerable Software and Affected Versions TP-Link TL-SG108E version 1.0.0

Description The issue concerns weak access control methods. Specifically, if an administrator authenticates from a NAT network, the authentication applies to the IP address of the NAT gateway. As a result, any user behind that NAT gateway is also treated as authenticated, allowing them to access the device without entering user credentials.

Recommendations For TP-Link TL-SG108E version 1.0.0, consider restricting access to the device from NAT networks or implementing additional authentication measures to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.