Vulnerability Details CVE-2024-0920
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.1%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 8.3
References
Products affected by CVE-2024-0920
-
cpe:2.3:h:trendnet:tew-822dre:-
-
cpe:2.3:o:trendnet:tew-822dre_firmware:1.03b02