1 results (0.001 seconds)
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1
CVE-2024-0920 – TRENDnet TEW-822DRE POST Request admin_ping.htm command injection
https://notcve.org/view.php?id=CVE-2024-0920
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. • https://vuldb.com/?ctiid.252124 https://vuldb.com/?id.252124 https://warp-desk-89d.notion.site/TEW-822DRE-5289eb95796749c2878843519ab451d8?pvs=4 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •