Vulnerability Description
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trendnet | Tv-Ip651Wi Firmware | <= 1.07.01 |
| Trendnet | Tv-Ip651Wi | - |
Related Weaknesses (CWE)
References
- https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/HJl1oFzciExploitThird Party Advisory
- https://www.trendnet.com/support/Vendor Advisory
- https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/HJl1oFzciExploitThird Party Advisory
- https://www.trendnet.com/support/Vendor Advisory
FAQ
What is CVE-2023-23120?
CVE-2023-23120 is a vulnerability with a CVSS score of 5.9 (MEDIUM). The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware ...
How severe is CVE-2023-23120?
CVE-2023-23120 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-23120?
Check the references section above for vendor advisories and patch information. Affected products include: Trendnet Tv-Ip651Wi Firmware, Trendnet Tv-Ip651Wi.