CVE-2022-30327

Description

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known.

Related CPE's

otrendnettew-831dr_firmware1.0_601.130.1.1356*******

htrendnettew-831dr-*******

References

https://research.nccgroup.com/2022/06/10/technical-advisory-multiple-vulnerabilities-in-trendnet-tew-831dr-wifi-router-cve-2022-30325-cve-2022-30326-cve-2022-30327-cve-2022-30328-cve-2022-30329/

ExploitThird Party Advisory

https://research.nccgroup.com/?research=Technical+advisories

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

NONE

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

4.300000190734863

VectorString

AV:N/AC:M/Au:N/C:N/I:P/A:N

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io