cvedb.io
CVE-2023-28368
MEDIUM · CVSS 5.7
EPSS exploitation probability: 0%
Published 2023-04-11T09:15:08.247 · Last modified 2026-06-17T05:47:33.727

Summary

TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained.

Affected products

tp-link — t2600g-28sq_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when tp-link ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.