CVE-2024-22546

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-815DAP version 1.0.2.0

Description The issue allows for Command Injection via the do setNTP function. An authenticated attacker with administrator privileges can exploit this over the network by sending a malicious POST request.

Recommendations For TRENDnet TEW-815DAP version 1.0.2.0, consider disabling the do setNTP function until a patch is available to prevent exploitation. Restrict access to the device to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.