Описание
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Ссылки
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.2 High
CVSS3
8.3 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Уязвимость файла /admin_ping.htm компонента POST Request Handler микропрограммного обеспечения маршрутизатора Trendnet TEW-822DRE, позволяющая нарушителю выполнить произвольные команды
EPSS
7.2 High
CVSS3
8.3 High
CVSS2