TRENDnet TEW-800MB Command Injection Vulnerability in NTPSyncWithHost.cgi

Vulnerability

A critical command injection vulnerability has been identified in the TRENDnet TEW-800MB router, specifically in version 1.0.1.0. The issue resides in the NTPSyncWithHost.cgi file, within the sub_F934 function. This vulnerability allows authenticated attackers, or those with a valid CSRF token, to execute arbitrary shell commands with root privileges on the device. The vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability allows for command injection, with the executed commands running as root on the affected device.

Added: Dec 28, 2025, 2:19 PM

Updated: Dec 28, 2025, 2:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.2

remediation

0.0

relevance

1.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.2

remediation

0.0

relevance

1.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TRENDnet TEW-800MB Command Injection Vulnerability in NTPSyncWithHost.cgi

Vulnerability

Impact

Affected Products

TRENDnet TEW-800MB

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating