Lucene search
China National Vulnerability DatabaseCNVD-2023-18942HistoryJan 04, 2023 - 12:00 a.m.
TRENDnet TEW-755AP Command Injection Vulnerability
2023-01-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
trendnet
command injection
vulnerability
setup_wizard_mydlink
sys_service parameter
arbitrary commands
router
inc.
0.016 Low
EPSS
Percentile
87.4%
TRENDnet TEW-755AP is a router from TRENDnet, Inc. A command injection vulnerability exists in TRENDnet TEW-755AP, which stems from the failure to properly filter the sys_service parameter in the setup_wizard_mydlink (sub_4104B8) function. construct command special characters, commands, etc. An attacker could use this vulnerability to execute arbitrary commands on the system.
Related
cve
cve
CVE-2022-46597
2022-12-30 21:15:10
prion
prion
Command injection
2022-12-30 21:15:00
nvd
nvd
CVE-2022-46597
2022-12-30 21:15:10
cvelist
cvelist
CVE-2022-46597
2022-12-30 00:00:00