CVE-2023-51833

HIGH EXPLOITED

TRENDnet TEW-411BRPplus <2.07_eu - Command Injection

Title source: llm

Exploitation Summary

CVE-2023-51833 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page.

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://warp-desk-89d.notion.site/TEW-411BRPplus-9bafe26e48964be3be12eab47f77203d

Product

https://www.trendnet.com/support/support-detail.asp?prod=160_TEW-411BRPplus

Scores

CVSS v3 8.1

EPSS 0.0069

EPSS Percentile 71.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

VulnCheck KEV 2025-05-04

CWE

CWE-77

Status published

Products (1)

trendnet/tew-411brpplus_firmware 2.07_eu

Published Jan 25, 2024

Tracked Since Feb 18, 2026