1 results (0.001 seconds)
CVSS: 8.3EPSS: 4%CPEs: 2EXPL: 1
CVSS: 8.3EPSS: 4%CPEs: 2EXPL: 1CVE-2024-0920 – TRENDnet TEW-822DRE POST Request admin_ping.htm command injection
https://notcve.org/view.php?id=CVE-2024-0920
26 Jan 2024 — A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. • https://vuldb.com/?ctiid.252124 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •