Published:2023/01/11  Last Updated:2023/01/11

JVN#78481846
TP-Link SG105PE vulnerable to authentication bypass

Overview

TP-Link SG105PE contains an authentication bypass vulnerability.

Products Affected

  • TP-Link SG105PE firmware prior to "TL-SG105PE(UN) 1.0_1.0.0 Build 20221208"

Description

TP-Link SG105PE contains an authentication bypass vulnerability (CWE-287).

Impact

Under certain conditions, an attacker may impersonate an administrator of the product. As a result, information may be obtained and the product's settings may be altered with the privilege of the administrator.

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
This vulnerability has been addressed in the firmware "TL-SG105PE(UN) 1.0_1.0.0 Build 20221208".

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Base Score: 4.2
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)
CVSS v2 AV:A/AC:M/Au:N/C:P/I:P/A:N
Base Score: 4.3
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Credit

Baba Takao of BPS Co., Ltd reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2023-22303
JVN iPedia JVNDB-2023-000003