{"api_version":"1","generated_at":"2026-04-23T14:45:33+00:00","cve":"CVE-2023-0618","urls":{"html":"https://cve.report/CVE-2023-0618","api":"https://cve.report/api/cve/CVE-2023-0618.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-0618","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-0618"},"summary":{"title":"CVE-2023-0618","description":"A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219958 is the identifier assigned to this vulnerability.","state":"PUBLIC","assigner":"cna@vuldb.com","published_at":"2023-02-01 17:15:00","updated_at":"2023-11-07 04:01:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://vuldb.com/?ctiid.219958","name":"https://vuldb.com/?ctiid.219958","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"403","archivestatus":"404"},{"url":"https://vuldb.com/?id.219958","name":"https://vuldb.com/?id.219958","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"403","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-0618","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0618","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"618","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"trendnet","cpe5":"tew-652brp","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"618","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"trendnet","cpe5":"tew-652brp_firmware","cpe6":"3.04b01","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-0618","ASSIGNER":"cna@vuldb.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219958 is the identifier assigned to this vulnerability."},{"lang":"deu","value":"In TRENDnet TEW-652BRP 3.04B01 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei cfg_op.ccp der Komponente Web Service. Mit der Manipulation mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-119 Memory Corruption","cweId":"CWE-119"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"TRENDnet","product":{"product_data":[{"product_name":"TEW-652BRP","version":{"version_data":[{"version_affected":"=","version_value":"3.04B01"}]}}]}}]}},"references":{"reference_data":[{"url":"https://vuldb.com/?id.219958","refsource":"MISC","name":"https://vuldb.com/?id.219958"},{"url":"https://vuldb.com/?ctiid.219958","refsource":"MISC","name":"https://vuldb.com/?ctiid.219958"}]},"credits":[{"lang":"en","value":"leetsun (VulDB User)"}],"impact":{"cvss":[{"version":"3.1","baseScore":7.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseSeverity":"HIGH"},{"version":"3.0","baseScore":7.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseSeverity":"HIGH"},{"version":"2.0","baseScore":7.8,"vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}]}},"nvd":{"publishedDate":"2023-02-01 17:15:00","lastModifiedDate":"2023-11-07 04:01:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:trendnet:tew-652brp_firmware:3.04b01:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:trendnet:tew-652brp:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}