exploitDog

GHSA-4c3m-w6wv-6mg8

Опубликовано: 30 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.4

Описание

TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request.

TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request.

Ссылки

EPSS

Процентиль: 44%

0.00211

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2024-22546

CVSS3: 6.4

nvd

почти 2 года назад

TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request.

EPSS

Процентиль: 44%

0.00211

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-77