CVE-2023-43318 – TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-43318
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. ... TP-Link JetStream Smart Switch TL-SG2210P version 5.0 build 20211201 suffers from a privilege escalation vulnerability. • https://github.com/str2ver/CVE-2023-43318 https://github.com/str2ver/CVE-2023-43318/tree/main https://seclists.org/fulldisclosure/2024/Mar/9 • CWE-284: Improper Access Control •
CVE-2024-20037
https://notcve.org/view.php?id=CVE-2024-20037
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2024-20034
https://notcve.org/view.php?id=CVE-2024-20034
In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-20: Improper Input Validation •
CVE-2024-20032
https://notcve.org/view.php?id=CVE-2024-20032
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-862: Missing Authorization •
CVE-2024-20029
https://notcve.org/view.php?id=CVE-2024-20029
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •