TRENDnet TEW-652BRP Web Management Interface get_set.ccp cross site scripting
CVE-2023-0639

6.1MEDIUM

Key Information:

Vendor: TRENDnet
Status: TEW-652BRP
Vendor: CVE Published:; 2 February 2023

What is CVE-2023-0639?

A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-220019.

Affected Version(s)

TEW-652BRP 3.04b01

References

https://vuldb.com/?id.220019

vdb-entrytechnical-description

https://vuldb.com/?ctiid.220019

signature

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 2, 2023
Vulnerability Reserved
Feb 2, 2023

Credit

leetsun (VulDB User)