ID
VAR-202212-2437
CVE
CVE-2022-46591
TITLE
TRENDnet TEW755AP Out-of-bounds write vulnerability in
Trust: 0.8
DESCRIPTION
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reject_url parameter in the reject (sub_41BD60) function. TRENDnet TEW755AP Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TEW-755AP is a router produced by TRENDnet. There is a stack overflow vulnerability in TRENDnet TEW-755AP, which originates from the fact that the reject_url parameter in the reject (sub_41BD60) function lacks a size check on the input data, and attackers can exploit this vulnerability to execute arbitrary code on the system
Trust: 2.25
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | trendnet | model: | tew-755ap | scope: | eq | version: | 1.13b01 | Trust: 1.0 |
| vendor: | trendnet | model: | tew-755ap | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | trendnet | model: | tew-755ap | scope: | eq | version: | tew-755ap firmware 1.13b01 | Trust: 0.8 |
| vendor: | trendnet | model: | tew-755ap 1.13b01 | scope: | - | version: | - | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.0 |
| problemtype: | Out-of-bounds writing (CWE-787) [NVD evaluation ] | Trust: 0.8 |
THREAT TYPE
remote
Trust: 0.6
TYPE
buffer error
Trust: 0.6
PATCH
| title: | Top Page | url: | https://www.trendnet.com/ | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-46591 | Trust: 3.9 |
| db: | JVNDB | id: | JVNDB-2022-003840 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2023-18953 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202212-4166 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2022-46591 | Trust: 0.1 |
REFERENCES
| url: | https://brief-nymphea-813.notion.site/vul2-tew755-bof-reject-0ed4829f416d4d2b86a3bce6792cab95 | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-46591 | Trust: 1.4 |
| url: | https://cxsecurity.com/cveshow/cve-2022-46591/ | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
SOURCES
| db: | CNVD | id: | CNVD-2023-18953 |
| db: | VULMON | id: | CVE-2022-46591 |
| db: | JVNDB | id: | JVNDB-2022-003840 |
| db: | CNNVD | id: | CNNVD-202212-4166 |
| db: | NVD | id: | CVE-2022-46591 |
LAST UPDATE DATE
2025-04-11T23:03:48.235000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2023-18953 | date: | 2023-03-22T00:00:00 |
| db: | VULMON | id: | CVE-2022-46591 | date: | 2022-12-30T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-003840 | date: | 2023-03-09T07:27:00 |
| db: | CNNVD | id: | CNNVD-202212-4166 | date: | 2023-01-06T00:00:00 |
| db: | NVD | id: | CVE-2022-46591 | date: | 2025-04-11T15:15:41.293 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2023-18953 | date: | 2023-03-24T00:00:00 |
| db: | VULMON | id: | CVE-2022-46591 | date: | 2022-12-30T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-003840 | date: | 2023-03-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-202212-4166 | date: | 2022-12-30T00:00:00 |
| db: | NVD | id: | CVE-2022-46591 | date: | 2022-12-30T21:15:10.560 |