CVE-2024-22546
MEDIUM6.4CVSS v3
—CVSS v2
0.21%
EPSS (exploit probability)
CWE-77CWE
Description
TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request.
CVSS v3 vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| TRENDnet | TRENDnet TEW-815DAP | — |
— | — | Unpatched |