CVE-2022-35203 : An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attac

An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information.

Published 2022-08-23 13:15:08

Updated 2022-08-25 02:42:13

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2022-35203

Trendnet » Tv-ip572pi Firmware » Version: 1.0
cpe:2.3:o:trendnet:tv-ip572pi_firmware:1.0:*:*:*:*:*:*:*
Matching versions
When used together with: Trendnet » Tv-ip572pi » Version: N/A

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 37 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Assigned by: nvd@nist.gov (Primary)

https://medium.com/@shrutukapoor25/cve-2022-35203-2372a0728279

CVE-2022–35203. An access control issue in TrenDnet | by Shruti kapoor | Medium
Exploit;Third Party Advisory
http://tv-ip572pi.com

Broken Link
http://trendnet.com

TRENDnet | Networks People Trust
Product

CVEs referencing this url

Jump to