CVE-2021-31658
Published: 10 June 2021
Summary
CVE-2021-31658 is a high-severity Improper Validation of Array Index (CWE-129) vulnerability in Tp-Link Tl-Sg2005 Firmware. Its CVSS base score is 8.1 (High).
Operationally, ranked in the top 47.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-18545
Vulnerability details
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is affected by an Array index error. The interface that provides the "device description" function only judges the length of the received data, and does not filter special characters. This vulnerability will…
more
cause the application to crash, and all device configuration information will be erased.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.