Описание
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntp_sync.cgi",which allows remote attackers to execute arbitrary commands via parameter "ntp_server" passed to the "ntp_sync.cgi" binary through a POST request.
Ссылки
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:trendnet:tew-632brp_firmware:1.010b31:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-632brp:-:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00484
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 9.8
github
около 1 года назад
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntp_sync.cgi",which allows remote attackers to execute arbitrary commands via parameter "ntp_server" passed to the "ntp_sync.cgi" binary through a POST request.
EPSS
Процентиль: 65%
0.00484
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-77