Command Injection Vulnerability in TRENDnet TEW-814DAP

CVE-2024-37642

What is CVE-2024-37642?

The TRENDnet TEW-814DAP device has been identified with a command injection flaw that arises through improper input validation in the ipv4_ping and ipv6_ping parameters within the /formSystemCheck endpoint. This vulnerability permits an attacker to execute arbitrary commands on the underlying system, potentially compromising network and user data security. Users are advised to remain vigilant regarding this issue and implement security measures to mitigate the risks associated with the exploitation of this vulnerability.

References