CVE-2022-30328: CSRF
First published: Thu Jun 16 2022(Updated: )
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendnet Tew-831dr Firmware | =1.0_601.130.1.1356 | |
| TRENDnet TEW-831DR |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-30328.
What is the severity of CVE-2022-30328?
CVE-2022-30328 has a severity of medium, with a CVSS score of 6.5.
Which devices are affected by CVE-2022-30328?
TRENDnet TEW-831DR version 1.0 601.130.1.1356 devices are affected by CVE-2022-30328.
What is the impact of CVE-2022-30328?
CVE-2022-30328 allows a malicious user to change the username and password of the web interface without requiring the existing password.
Is there a fix available for CVE-2022-30328?
At the time of this advisory, no official fix or patch has been released for CVE-2022-30328. It is recommended to monitor the vendor's website for updates.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/trendnet
- canonical/trendnet tew-831dr firmware
- version/trendnet tew-831dr firmware/1.0_601.130.1.1356
- canonical/trendnet tew-831dr