RCE in Trendnet Tew-812dru

CVE-2013-3365

TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) wan network prefix to internet/ipv6.asp; (2) remote port to adm/management.asp; (3) pptp username, (4) pptp pass…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.068 (91.5th percentile) — read the EPSS interpretation.

Affected products

Trendnet Tew-812dru
N/a — versions n/a

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)