CVE-2024-22546

medium

Description

TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request.

References

https://www.trendnet.com/support/support-detail.asp?prod=105_TEW-815DAP

https://warp-desk-89d.notion.site/TEW-815DAP-94a631c20dee4f399268dbcc880f1f4c

Details

Source: Mitre, NVD

Published: 2024-04-30

Updated: 2025-04-01

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.4

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: Medium

EPSS

EPSS: 0.00416