CVE-2023-49236

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 9, 2024

Updated: Jan 12, 2024

CWE ID 787

Summary

CVE-2023-49236 is a newly discovered vulnerability affecting TRENDnet TV-IP1314PI devices running firmware version 5.5.3 200714. This issue involves a stack-based buffer overflow, which arises due to insufficient length validation during the handling of a user-entered scale field in the RTSP playback function of the davinci software. Successful exploitation of this vulnerability allows an attacker to execute arbitrary commands on the targeted device.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TRENDnet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tilOwx
https://www.cve.org/CVERecord?id=CVE-2023-49236
https://nvd.nist.gov/vuln/detail/CVE-2023-49236

Back to Vulnerability Database

CVE-2023-49236

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations