PT-2017-18104 · Tp Link · Tp-Link Tl-Sg108E

Published

2017-04-23

Updated

2017-04-27

CVE-2017-8076

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TP-Link TL-SG108E version 1.0

Description The issue concerns the use of RC4 encoding for admin network communications, despite RC4 being deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

Recommendations For TP-Link TL-SG108E version 1.0, consider updating the firmware to a version that does not use RC4 encoding for admin network communications. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-326

Related Identifiers

CVE-2017-8076

Affected Products

Tp-Link Tl-Sg108E

PT-2017-18104 · Tp Link · Tp-Link Tl-Sg108E

CVE-2017-8076

Weakness Enumeration

Related Identifiers

Affected Products

References · 3