First published: Fri Jan 26 2024(Updated: )
A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0. It has been classified as critical. This affects the function do_setNTP of the component POST Request Handler. The manipulation of the argument NtpDstStart/NtpDstEnd leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Trendnet Tew-825dap | =1.0.2.0 | |
Trendnet TEW-815DAP Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-0919 has been classified as critical.
To fix CVE-2024-0919, update the TRENDnet TEW-815DAP firmware to a version that addresses the vulnerability.
CVE-2024-0919 affects the POST Request Handler component in the TRENDnet TEW-815DAP firmware.
CVE-2024-0919 is a command injection vulnerability.
If exploited, CVE-2024-0919 could allow an attacker to execute arbitrary commands on the affected device.