CVE-2018-19242
HIGHTRENDnet TEW-632BRP/TEW-673GRU <1.010B32 - Buffer Overflow
Title source: llmDescription
Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/150693/TRENDnet-Command-Injection-Buffer-Overflow-Cross-Site-Scripting.html
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2018/Dec/21
Scores
CVSS v3
8.8
EPSS
0.0288
EPSS Percentile
86.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (2)
trendnet/tew-632brp_firmware
1.010b32
trendnet/tew-673gru_firmware
1.00b40
Published
Dec 20, 2018
Tracked Since
Feb 18, 2026