CVE-2024-28353 | TRENDnet TEW-827DRU 2.10B01 POST Request apply.cgi usapps.config.smb_admin_name command injection

Inserito da Angelo Barbosa | Mar 15, 2024 | CVE

A vulnerability was found in TRENDnet TEW-827DRU 2.10B01 and classified as critical. Affected by this issue is some unknown functionality of the file apply.cgi of the component POST Request Handler. The manipulation of the argument usapps.config.smb_admin_name leads to command injection.

This vulnerability is handled as CVE-2024-28353. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-28353 | TRENDnet TEW-827DRU 2.10B01 POST Request apply.cgi usapps.config.smb_admin_name command injection

Post correlati

CVE-2024-39598 | SAP CRM WebClient UI S4FND 102 up to WEBCUIF 800 HTTP Endpoint server-side request forgery

CVE-2024-35967 | Linux Kernel up to 5.10.215/6.1.86/6.6.27/6.8.6 Bluetooth include/linux/sockptr.h sco_sock_setsockopt out-of-bounds

CVE-2024-27056 | Linux Kernel up to 6.7.10 wifi allocation of resources (ed35a509390e/78f65fbf421a)

CVE-2024-31546 | Computer Laboratory Management System 1.0 view_damage.php id sql injection