Command Injection Vulnerability in TRENDnet TEW-815DAP Router
CVE-2024-22546

Currently unrated

Key Information:

Vendor: TRENDnet
Status: TEW-815DAP
Vendor: CVE Published:; 30 April 2024

What is CVE-2024-22546?

The TRENDnet TEW-815DAP version 1.0.2.0 is susceptible to a command injection flaw within the do_setNTP function. This vulnerability allows an authenticated user with administrator rights to execute arbitrary commands through a specially crafted POST request over the network, potentially compromising the device's integrity and allowing further exploitation of the network environment.

References

https://www.trendnet.com/support/support-detail.asp?prod=...

https://warp-desk-89d.notion.site/TEW-815DAP-94a631c20dee...

Timeline

Vulnerability published
Apr 30, 2024