The vulnerability in the apply.cgi interface of TRENDnet’s TEW-827DRU router software allows a hacker to elevate their privileges to the root user level.

The vulnerability of the apply.cgi interface of TRENDnet TEW-827DRU router microprogramming system is related to the lack of measures taken to neutralize special elements used in the OS command. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to root user...

PT-2024-2195 · Trendnet · Trendnet Tew-827Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU router version 2.10B01 Description: There is a command injection issue in the apply.cgi interface, allowing an attacker to inject commands into the post request parameters usapps.config.smb admin name, thereby gaining root...