CVE-2019-16893
published 2020-02-03CVE-2019-16893: The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
PriorityP268high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EXPLOIT
EPSS
37.82%
98.4th percentile
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tp-link | tp-sg105e_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Alert on any HTTP POST to the path /reboot.cgi on TP-Link TL-SG105E web management interfaces (typically on LAN/management network), especially from unauthenticated sources. ↗
- ·The exploit targets TP-Link TP-SG105E V4 firmware version 1.0.0 Build 20181120 specifically; patched firmware (1.0.0 Build 20200119 rel.52079) restricts access to the internal API and is not vulnerable. ↗
- ·The vulnerable endpoint is part of the device's web management interface; if the management interface is exposed beyond the local network, the attack surface is significantly increased. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2020-02-03
Published