CVE-2021-28846

MEDIUM

Trendnet Tew-755ap Firmware - Format String Vulnerability

Title source: rule

Description

A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with "%s: key len = %d, too long\n" format. The two variables seem to be put in the wrong order. The vulnerability could be triggered by sending the POST request to apply_cgi with a long and unknown key in the request body.

References (1)

[Third Party Advisory] https://github.com/zyw-200/EQUAFL/blob/main/TRENDnet%20ticket.pdf

View Writeup ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0031

EPSS Percentile 54.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-134

Status published

Products (4)

trendnet/tew-755ap2kac_firmware 1.11b03

trendnet/tew-755ap_firmware 1.11b03

trendnet/tew-821dap2kac_firmware 1.11b03

trendnet/tew-825dap_firmware 1.11b03

Published Aug 10, 2021

Tracked Since Feb 18, 2026