What is CVE-2023-49237?

CVE-2023-49237 is a vulnerability in N/a. Published 2024-01-09.

Is CVE-2023-49237 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-49237

An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings.

EPSS: 0.698 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

drive.google.com/file/d/1lTloBkH_7zAz1ZbFVSZnfpoPd81aPaHx/view
github.com/pcsle37/TRENDnet/blob/main/TRENDnet_vul.pdf

Frequently asked questions

What is CVE-2023-49237?: CVE-2023-49237 is a vulnerability in N/a. Published 2024-01-09.
Is CVE-2023-49237 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.