CVE-2023-43318
First published: Tue Mar 05 2024(Updated: )
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Tp-link Tl-sg2210p Firmware | =5.0-build_20211201 | |
| Tp-link Tl-sg2210p |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-43318?
CVE-2023-43318 is considered a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2023-43318?
To fix CVE-2023-43318, update the TP-Link TL-SG2210P Smart Switch firmware to the latest version provided by TP-Link.
What kind of attack is CVE-2023-43318 associated with?
CVE-2023-43318 is associated with privilege escalation attacks through the manipulation of specific values in GET requests.
Which devices are affected by CVE-2023-43318?
CVE-2023-43318 affects TP-Link JetStream Smart Switch TL-SG2210P running firmware version 5.0 Build 20211201.
What values need to be modified to exploit CVE-2023-43318?
To exploit CVE-2023-43318, an attacker would need to modify the 'tid' and 'usrlvl' values in GET requests.
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/severity
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/tags
- agent/source
- vendor/tp-link
- canonical/tp-link tl-sg2210p firmware
- version/tp-link tl-sg2210p firmware/5.0-build_20211201
- canonical/tp-link tl-sg2210p