CNNVD-202512-4879 Information

CNNVD ID

CNNVD-202512-4879

Related CVE

CVE-2025-15137

• CNNVD Published: 2025-12-28

Description (Chinese)

TRENDnet TEW-800MB是美国趋势网络（TRENDnet）公司的一款双频无线路由器。 TRENDnet TEW-800MB 1.0.1.0版本存在命令注入漏洞，该漏洞源于文件NTPSyncWithHost.cgi中函数sub_F934的错误操作，可能导致命令注入。

Description (English)

TRENDnet TEW-800MB is a dual-frequency wireless router for Trendnet. Version 1.0.1.0 of TRENDnet TEW-800MB contains a command-injecting loophole, which stems from the error of the sub F934 function in NTPSyncWithHost.cgi, which may lead to the command-injection.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

趋势网络

Published

2025-12-28

Last Modified

2026-02-24

References

https://pentagonal-time-3a7.notion.site/TRENDnet-TEW-800MB-NTP-2c7e5dd4c5a580f999adcaff2c31978b https://vuldb.com/?id.338515 https://vuldb.com/?submit.714241 https://vuldb.com/?ctiid.338515 https://access.redhat.com/security/cve/cve-2025-15137