First published: Wed Dec 18 2019(Updated: )
An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Trendnet Tew-651br Firmware | =2.04b1 | |
TRENDnet TEW-651BR | ||
Trendnet Tew-652brp Firmware | =3.04b01 | |
TRENDnet TEW-652BRP | ||
Trendnet Tew-652bru Firmware | =1.00b12 | |
Trendnet Tew-652bru |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-11399 is a vulnerability found on TRENDnet TEW-651BR, TEW-652BRP, and TEW-652BRU devices, allowing OS command injection.
CVE-2019-11399 has a severity score of 9.8 (critical).
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices are affected by CVE-2019-11399.
OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter in TRENDnet devices.
It is recommended to update the firmware of the affected devices to mitigate CVE-2019-11399.