Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2023-28368
Modified
More InfoOfficial Page
Source-vultures@jpcert.or.jp
View Known Exploited Vulnerability (KEV) details
Published At-11 Apr, 2023 | 09:15
Updated At-10 Feb, 2025 | 21:15

TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Secondary3.15.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CPE Matches
TP-Link Systems Inc.
tp-link
>>t2600g-28sq_firmware>>20190530
cpe:2.3:o:tp-link:t2600g-28sq_firmware:20190530:*:*:*:*:*:*:*
TP-Link Systems Inc.
tp-link
>>t2600g-28sq_firmware>>20200304
cpe:2.3:o:tp-link:t2600g-28sq_firmware:20200304:*:*:*:*:*:*:*
TP-Link Systems Inc.
tp-link
>>t2600g-28sq>>1.0
cpe:2.3:h:tp-link:t2600g-28sq:1.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-1391Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-1391
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jvn.jp/en/jp/JVN62420378/vultures@jpcert.or.jp
Third Party Advisory
https://www.tp-link.com/en/support/download/t2600g-28sq/#Firmwarevultures@jpcert.or.jp
Product
https://jvn.jp/en/jp/JVN62420378/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.tp-link.com/en/support/download/t2600g-28sq/#Firmwareaf854a3a-2127-422b-91ae-364da2661108
Product
Hyperlink: https://jvn.jp/en/jp/JVN62420378/
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory
Hyperlink: https://www.tp-link.com/en/support/download/t2600g-28sq/#Firmware
Source: vultures@jpcert.or.jp
Resource:
Product
Hyperlink: https://jvn.jp/en/jp/JVN62420378/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.tp-link.com/en/support/download/t2600g-28sq/#Firmware
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product
Change History
0Changes found
Details not found