CVE-2025-8757

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://vuldb.com/?ctiid.319262", "name": "VDB-319262 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": [], "refsource": ""}, {"url": "https://vuldb.com/?id.319262", "name": "VDB-319262 | TRENDnet TV-IP110WN Embedded Boa Web Server boa.conf least privilege violation", "tags": [], "refsource": ""}, {"url": "https://vuldb.com/?submit.624257", "name": "Submit #624257 | TRENDnet TV-IP110WN 1.2.2 Misconfiguration", "tags": [], "refsource": ""}, {"url": "https://www.notion.so/23e54a1113e780569260e231993bdf61", "name": "https://www.notion.so/23e54a1113e780569260e231993bdf61", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-266"}, {"lang": "en", "value": "CWE-272"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-8757", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}}, "publishedDate": "2025-08-09T15:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-09T15:15Z"}