Command Injection Vulnerability in TRENDnet TEW-827DRU Devices
CVE-2020-14075
8.8HIGH
What is CVE-2020-14075?
The TRENDnet TEW-827DRU devices, running firmware version 2.06B04 and earlier, are susceptible to command injection vulnerabilities that can be exploited by an authenticated user. By manipulating certain parameters associated with PPPoE and DHCP connections, such as 'wan_ifname' or 'wan0_dns', an attacker could execute arbitrary commands on the device. This exploitation can potentially lead to unauthorized access and control over the device, posing significant security risks.
