First published: Mon Jan 23 2023(Updated: )
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Trendnet Tew-820ap Firmware | =1.01.b01 | |
Trendnet Tew-820ap | =1.0r | |
All of | ||
Trendnet Tew-820ap Firmware | =1.01.b01 | |
Trendnet Tew-820ap | =1.0r |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-24096 refers to a vulnerability in the TrendNet Wireless AC Easy-Upgrader TEW-820AP firmware version 1.01.B01 that allows attackers to execute arbitrary code through a stack overflow.
CVE-2023-24096 has a severity value of 8.8, which is considered high.
The affected software versions are TrendNet Wireless AC Easy-Upgrader TEW-820AP firmware version 1.01.B01 and TEW-820AP v1.0R.
Attackers can exploit CVE-2023-24096 by providing a crafted payload via the 'newpass' parameter at /formPasswordSetup, leading to a stack overflow and potential execution of arbitrary code.
As of the time of this advisory, there are no known fixes or patches available for CVE-2023-24096. It is recommended to contact the vendor for further information.