CVE-2026-34127
Awaiting Analysis Awaiting Analysis - Queue
Stored XSS in TP-Link TL-SG108PE v5 Switch

Publication date: 2026-05-29

Last updated on: 2026-06-01

Assigner: TPLink

Description
A stored cross-site scripting (XSS) vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious script into the device configuration, which may be stored and executed in the administrator’s browser when the affected interface is viewed.Β  Β Β  Successful exploitation may allow session cookie theft, unauthorized configuration changes, or access to sensitive information exposed through the management interface.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-06-01
Generated
2026-06-19
AI Q&A
2026-05-29
EPSS Evaluated
2026-06-18
NVD
CVE-2026-34127
EUVD
EUVD-2026-33420
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tp-link tl-sg108pe_firmware 1.0.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stored cross-site scripting (XSS) issue found in the web management interface of the TP-Link TL-SG108PE version 5 switch. It occurs because the SYSNAM configuration parameter is not properly sanitized during the import of configuration files. An attacker who has administrator access can inject malicious scripts into the device's configuration. These scripts are then stored and executed in the administrator's browser when they view the affected interface.

Impact Analysis

Exploiting this vulnerability can allow an attacker to steal session cookies, make unauthorized configuration changes, or gain access to sensitive information exposed through the device's management interface.

Detection Guidance

Detection of this vulnerability involves checking the firmware version of the TP-Link TL-SG108PE v5 switch to see if it is vulnerable. Specifically, versions prior to TL-SG108PE(UN)_V5_1.0.1 Build 20260330 are affected.

Since the vulnerability is related to improper sanitization of the SYSNAM configuration parameter during configuration file import, reviewing the configuration files for suspicious or unexpected script content in the SYSNAM parameter may help detect exploitation.

There are no specific commands provided in the resources to detect the vulnerability directly on the device or network.

Mitigation Strategies

The immediate and recommended mitigation step is to upgrade the TP-Link TL-SG108PE v5 switch firmware to version TL-SG108PE(UN)_V5_1.0.1 Build 20260330 or later.

This firmware update fixes the vulnerability by updating validation rules for the Device Description field, restricting input to only numbers, letters, and hyphens, and preventing leading or trailing hyphens.

Until the firmware is updated, limit administrator access to trusted users only, as exploitation requires administrator privileges.

Compliance Impact

The vulnerability allows an attacker with administrator access to inject malicious scripts into the device configuration, potentially leading to session cookie theft, unauthorized configuration changes, or access to sensitive information exposed through the management interface.

Such unauthorized access and potential exposure of sensitive information could negatively impact compliance with data protection standards and regulations like GDPR and HIPAA, which require safeguarding sensitive data and preventing unauthorized access.

However, the provided information does not explicitly discuss compliance impacts or specific regulatory considerations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34127. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart