Buffer overflow

2018-12-2023:29:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.6%

JSON

Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).

CPENameOperatorVersion
tew-632brp_firmwareeq1.10.0-b32
tew-673gru_firmwareeq1.0.0-b40

CPE	Name	Operator	Version
	tew-632brp_firmware	eq	1.10.0-b32
	tew-673gru_firmware	eq	1.0.0-b40

References

packetstormsecurity.com/files/150693/TRENDnet-Command-Injection-Buffer-Overflow-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2018/Dec/21