Lucene search

[email protected]CVE-2023-51833

HistoryJan 25, 2024 - 10:15 p.m.

CVE-2023-51833

2024-01-2522:15:07

CWE-77

[email protected]

web.nvd.nist.gov

cve-2023-51833

command injection

trendnet

tew-411brpplus

debug.cgi

nvd

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.8%

JSON

A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page.

Affected configurations

NVD

Node

trendnettew-411brpplusMatch-

AND

trendnettew-411brpplus_firmwareMatch2.07_eu

CPENameOperatorVersion
trendnet:tew-411brpplus_firmwaretrendnet tew-411brpplus firmwareeq2.07_eu

CPE	Name	Operator	Version
trendnet:tew-411brpplus_firmware	trendnet tew-411brpplus firmware	eq	2.07_eu

References

warp-desk-89d.notion.site/TEW-411BRPplus-9bafe26e48964be3be12eab47f77203d

www.trendnet.com/support/support-detail.asp?prod=160_TEW-411BRPplus

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.8%

JSON

Related for CVE-2023-51833

cvelist1 nvd1 prion1