제출 #842385: Trendnet TEW-821DAP v1.11B03 CWE-78 Improper Neutralization of Special Elements used in an OS정보

제목Trendnet TEW-821DAP v1.11B03 CWE-78 Improper Neutralization of Special Elements used in an OS
설명During the firmware update process, there is command injection vulnerability in function sub_41FBD0 of program ssi. In the NTP client configuration, the variable hostname is directly concatenated into the NTP time synchronization command. However, this variable is propagated from the user input without any verification. Once the hackers control the user input, malicious command could be injected into the NTP time synchronization command.
원천⚠️ https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_CI5.md
사용자
 IOT_Res (UID 81722)
제출2026. 05. 29. AM 08:57 (1 월 ago)
모더레이션2026. 07. 11. PM 12:12 (1 month later)
상태수락
VulDB 항목377794 [TRENDnet TEW-821DAP 1.11B03 Firmware Update /goform/system_ntp sub_41FBD0 호스트 이름 권한 상승]
포인트들20

Might our Artificial Intelligence support you?

Check our Alexa App!