TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption
CVE-2023-0618

7.5HIGH

Key Information:

Vendor: TRENDnet
Status: TEW-652BRP
Vendor: CVE Published:; 1 February 2023

What is CVE-2023-0618?

A memory corruption vulnerability exists in the TRENDnet TEW-652BRP 3.04B01, specifically within the web service component's cfg_op.ccp file. This issue allows an attacker to manipulate memory, potentially leading to unexpected behaviors or unauthorized access. The vulnerability can be exploited remotely, raising concerns for devices exposed to the internet. As this exploit has been publicly disclosed, it underscores the importance of patching and securing affected systems to mitigate potential attacks.

Affected Version(s)

TEW-652BRP 3.04B01

References

https://vuldb.com/?id.219958

vdb-entrytechnical-descriptionexploit

https://vuldb.com/?ctiid.219958

signature

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2023
Vulnerability Reserved
Feb 1, 2023

Credit

leetsun (VulDB User)