CVE-2025-10107 | TRENDnet TEW-831DR 1.0 (601.130.1.1410) /boafrm/formSysCmd sysHost command injection

Inserito da Angelo Barbosa | Set 9, 2025 | CVE

A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410) and classified as critical. Impacted is an unknown function of the file /boafrm/formSysCmd. The manipulation of the argument sysHost leads to command injection.

This vulnerability is uniquely identified as CVE-2025-10107. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10107 | TRENDnet TEW-831DR 1.0 (601.130.1.1410) /boafrm/formSysCmd sysHost command injection

Post correlati

CVE-2024-23193 | Open-Xchange OX App Suite up to 8.21 E-Mail PDF Export access control

CVE-2024-9863 | miniOrange OTP Verification with Firebase Plugin up to 3.6.0 on WordPress Registration Privilege Escalation

CVE-2024-7509 | Trimble SketchUp Viewer 13.0.4124 SKP File Parser stack-based overflow (ZDI-24-1055)

CVE-2024-0582 | Linux Kernel io_uring Subsystem use after free