ГлавнаяУязвимости → CVE-2025-15472
7.2высокая

CVE-2025-15472

Описание

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL  of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Затрагиваемое ПО
Trendnet Tew-811dru firmwareTrendnet Tew-811dru
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://pentagonal-time-3a7.notion.site/TrendNet-TEW-811DRU-2d2e5dd4c5a58016a612e99853b835f8https://vuldb.com/?ctiid.339722https://vuldb.com/?id.339722https://vuldb.com/?submit.721874