TRENDNet TEW-811DRU httpd guestnetwork.asp buffer overflow
CVE-2023-0617

7.5HIGH

Key Information:

Vendor: TRENDNet
Status: TEW-811DRU
Vendor: CVE Published:; 1 February 2023

What is CVE-2023-0617?

A remote-exploitable buffer overflow vulnerability exists in the TRENDNet TEW-811DRU 1.0.10.0 router. This issue originates from improper handling of inputs in the '/wireless/guestnetwork.asp' file, potentially allowing an attacker to manipulate memory and execute arbitrary code. The vulnerability has been publicly disclosed, making affected devices particularly susceptible to exploitation.

Affected Version(s)

TEW-811DRU 1.0.10.0

References

https://vuldb.com/?id.219957

vdb-entrytechnical-descriptionexploit

https://vuldb.com/?ctiid.219957

signature

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2023
Vulnerability Reserved
Feb 1, 2023

Credit

leetsun (VulDB User)