CVE-2023-23120

MEDIUM

TRENDnet TV-IP651WI <v1.07.01 - Code Injection

Title source: llm

Description

The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.

References (2)

[Exploit, Third Party Advisory] https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/HJl1oFzci

[Vendor Advisory] https://www.trendnet.com/support/

Scores

CVSS v3 5.9

EPSS 0.0015

EPSS Percentile 34.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-354

Status published

Products (1)

trendnet/tv-ip651wi_firmware < 1.07.01

Published Feb 02, 2023

Tracked Since Feb 18, 2026