TRENDnet TEW-651BR 2.04B1 devices Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) Vulnerability


TRENDnet TEW-651BR 2.04B1 devices suffers from improper neutralization of special elements used in an os command (‘OS Command Injection’) vulnerability


The information has been provided by Vendor

The original article can be found at:


An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1. parameter.


Vulnerable Systems:

TRENDnet TEW-651BR 2.04B1 devices

TRENDnet TEW-652BRP 3.04b01 devices

TRENDnet TEW-652BRU 1.00b12 devices


CVE Information:



Disclosure Timeline:
Published Date:12/18/2019

Categories: News