tg8 CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

tg8 vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to tg8, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2021-4471 TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access. [email protected] 8.7 0.58% 2025-11-14 2026-06-17
CVE-2021-4470 TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd.php endpoint. The syscmd POST parameter is passed directly to a system command without validation and executed with root privileges. A remote, unauthenticated attacker can supply crafted values to execute arbitrary operating system commands as root, resulting in full device compromise. [email protected] 9.3 0.92% 2025-11-14 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence