| عنوان | TRENDnet TEW-800mb v1.0.1.0 Command Injection |
|---|
| الوصف | A command injection vulnerability has been discovered in the TRENDnet TEW-800MB AC1200 Dual Band Wireless Media Bridge. The device is intended to provide high-speed wireless connectivity for network-enabled equipment such as smart TVs, media players, and gaming consoles.
The vulnerability is located in the device’s web management interface and allows an authenticated attacker to execute arbitrary shell commands with root privileges. Because the management interface is exposed on the network and many users deploy the device using its default username and password, a remote attacker could exploit this weakness with minimal effort.
Attempts have been made to notify Trendnet regarding this issue, but no response has been received. |
|---|
| المصدر | ⚠️ https://pentagonal-time-3a7.notion.site/TRENDnet-TEW-800MB-2c7e5dd4c5a58067bc81e530bf3191c0 |
|---|
| المستخدم | Anonymous User |
|---|
| ارسال | 12/12/2025 10:32 AM (4 أشهر منذ) |
|---|
| الاعتدال | 27/12/2025 11:02 AM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 338514 [TRENDnet TEW-800MB 1.0.1.0 Management Interface /goform/wizardset do_setWizard_asp WizardConfigured تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|