CVE-2023-23120

CVSS V2 None CVSS V3 None
Description
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.
Overview
  • CVE ID
  • CVE-2023-23120
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-02T17:17:55
  • Last Modified Date
  • 2023-02-09T21:52:42
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:trendnet:tv-ip651wi_firmware:*:*:*:*:*:*:*:* 1 OR 1.07.01
cpe:2.3:h:trendnet:tv-ip651wi:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/HJl1oFzci Exploit Third Party Advisory
https://www.trendnet.com/support/ Vendor Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 07:07:18 Added to TrackCVE
2023-04-17 07:07:21 Weakness Enumeration new