Lucene search

K
cve[email protected]CVE-2023-49235
HistoryJan 09, 2024 - 9:15 a.m.

CVE-2023-49235

2024-01-0909:15:42
web.nvd.nist.gov
8
cve-2023-49235
trendnet
tv-ip1314pi
remote debugging
shell command execution
information security
vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%

An issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a shell command.

Affected configurations

NVD
Node
trendnettv-ip1314piMatch-
AND
trendnettv-ip1314pi_firmwareMatch5.5.3200714

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%

Related for CVE-2023-49235