CVE-2025-8757

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: TRENDnet TV-IP110WN version 1.2.2

Description: A vulnerability exists in TRENDnet TV-IP110WN version 1.2.2 related to an unknown functionality of the file /server/boa.conf within the Embedded Boa Web Server component. This issue results in a least privilege violation and requires local access for exploitation. The complexity of the attack is high, and exploitation is considered difficult. The exploit has been publicly disclosed, and the vendor was notified but did not respond.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-266CWE-272

Related Identifiers

BDU:2025-09663

CVE-2025-8757

Affected Products

Embedded Web Server

Trendnet Tv-Ip110Wn

CVE-2025-8757

Weakness Enumeration

Related Identifiers

Affected Products

References · 10