The vulnerability in the apply.cgi interface of TRENDnet’s TEW-827DRU router software allows a hacker to elevate their privileges to the root user level.

The vulnerability of the apply.cgi interface of TRENDnet TEW-827DRU router microprogramming system is related to the lack of measures taken to neutralize special elements used in the OS command. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to root user...

VulnCheck KEV: CVE-2018-9285

MainAnalysisContent.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.38410007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before...

The vulnerability of the apply.cgi component in ASUS’ microprogramming software for routers allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the apply.cgi component in ASUS router microprogramming systems exists due to the lack of measures taken to neutralize the special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the...