Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF). All configuration information is placed in the URL, without any additional token authentication information. A malicious link opened by the switch administrator may cause the password of the switch to be modified and the configuration file to be tampered with.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tp-link TP-Link TL-SG2005和TP-Link TL-SG2008 跨站请求伪造漏洞
Vulnerability Description
Tp-link TP-Link TL-SG2005和TP-Link TL-SG2008都是中国普联(Tp-link)公司的一款交换机。 多款 Tp-Link 中存在跨站请求伪造漏洞,该漏洞源于该交换机内没有对敏感URL进行身份验证,攻击者可通过将配置信息放置在URL中制造恶意链接进而修改交换机密码、配置文件。以下产品及型号会受到影响: TP-Link TL-SG2005, TL-SG2008等1.0.0 Build 20180529 Rel.4052。
CVSS Information
N/A
Vulnerability Type
N/A