CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43318 – TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-43318
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. ... TP-Link JetStream Smart Switch TL-SG2210P version 5.0 build 20211201 suffers from a privilege escalation vulnerability. • https://github.com/str2ver/CVE-2023-43318 https://github.com/str2ver/CVE-2023-43318/tree/main https://seclists.org/fulldisclosure/2024/Mar/9 • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-20037
https://notcve.org/view.php?id=CVE-2024-20037
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-20034
https://notcve.org/view.php?id=CVE-2024-20034
In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-20032
https://notcve.org/view.php?id=CVE-2024-20032
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-862: Missing Authorization •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-20029
https://notcve.org/view.php?id=CVE-2024-20029
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •