Описание
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.
Уязвимые конфигурации
Конфигурация 1Версия до 2.06b04 (включая)
Одновременно
cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-827dru:-:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07475
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.
EPSS
Процентиль: 92%
0.07475
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78