Cyber Resilience

CVE-2024-37642

CriticalPublic PoCRCE

Published: 14 June 2024

Published
14 June 2024
Modified
27 May 2025
KEV Added
Patch
CVSS Score v3.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.2175 95.9th percentile
Risk Priority 31 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-37642 is a critical-severity Command Injection (CWE-77) vulnerability in Trendnet Tew-814Dap Firmware. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 4.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

TRENDnet TEW-814DAP version 1 running firmware FW1.01B01 contains a command injection vulnerability in the system check functionality. The flaw, tracked as CVE-2024-37642 and assigned CWE-77, allows unsanitized input passed through the ipv4_ping and ipv6_ping parameters to the /formSystemCheck endpoint to be executed by the device. It received a CVSS 3.1 score of 9.1 reflecting network attack vector, low complexity, and no required authentication or user interaction.

An unauthenticated attacker with network access can supply crafted values to these parameters and achieve arbitrary command execution on the access point. Successful exploitation grants the ability to read or modify sensitive data and alter device behavior while availability impact remains limited according to the provided scoring.

The two referenced GitHub reports document the discovery but contain no vendor advisory, firmware update, or mitigation guidance. The associated EPSS score has remained steady at 0.2175 with no material increase observed since publication.

EU & UK References

Vulnerability details

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck .

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Command injection via web interface parameters (ipv4_ping, ipv6_ping) in a network access point enables remote code execution, mapping to exploitation of public-facing applications/remote services and Unix shell command execution.

Affected Assets

trendnet
tew-814dap firmware
1.01b01

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References