CVE-2023-0611

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-652BRP version 3.04B01

Description A critical issue has been found in the Web Management Interface of the TRENDnet TEW-652BRP, specifically in the file get set.ccp. This issue leads to command injection, allowing a remote attacker to execute arbitrary code. The exploit has been disclosed to the public and may be used. The attack may be initiated remotely.

Recommendations For TRENDnet TEW-652BRP version 3.04B01, as a temporary workaround, consider disabling the Web Management Interface until a patch is available. Restrict access to the get set.ccp file to minimize the risk of exploitation. Avoid using the Web Management Interface remotely until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.