CVE-2025-2958

MEDIUM

TRENDnet TEW-818DRU 1.0.14.6 - DoS

Title source: llm

Description

A vulnerability was found in TRENDnet TEW-818DRU 1.0.14.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (5)

[Exploit, Third Party Advisory] https://docs.google.com/document/d/1DHUsUpeizmqFbJe_0SjsJvCFspPeFDaK/edit#heading=h.gjdgxs

[Exploit] https://drive.google.com/file/d/1SbZ63uqg6QJYjPFcLY5wBqWrh-NMrnZq/view?usp=drive_link

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.302011

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.302011

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.521723

Scores

CVSS v3 6.5

EPSS 0.0072

EPSS Percentile 72.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-404

Status published

Affected Products (1)

trendnet/tew-818dru_firmware

Timeline

Published Mar 30, 2025

Tracked Since Feb 18, 2026