CVE-2013-3366

Опубликовано: 13 нояб. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 9.3

EPSS Низкий

Описание

Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.

Ссылки

https://www.ise.io/casestudies/exploiting-soho-routers/
Mitigation
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Mitigation
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Third Party Advisory
https://www.ise.io/casestudies/exploiting-soho-routers/
Mitigation
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Mitigation
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:trendnet:tew-812dru_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:trendnet:tew-812dru:-:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00242

Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-w8x9-6x9j-pqhj

github

больше 3 лет назад

Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G�DFdg_24Mhw3.