CVE-2019-11399

An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:trendnet:tew-651br_firmware:2.04b1:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-651br:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:trendnet:tew-652brp_firmware:3.04b01:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-652brp:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:trendnet:tew-652bru_firmware:1.00b12:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-652bru:-:*:*:*:*:*:*:*

Information

Published : 2019-12-18 07:15

Updated : 2019-12-23 09:51


NVD link : CVE-2019-11399

Mitre link : CVE-2019-11399


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

trendnet

  • tew-652brp_firmware
  • tew-651br_firmware
  • tew-651br
  • tew-652brp
  • tew-652bru
  • tew-652bru_firmware