Stack-based Buffer Overflow in TRENDnet TEW-827DRU Router
CVE-2020-14076
8.8HIGH
What is CVE-2020-14076?
TRENDnet TEW-827DRU devices prior to version 2.06B04 are vulnerable to a stack-based buffer overflow due to improper handling of input within the ssi binary. An authenticated user can exploit this vulnerability by POSTing a maliciously crafted request to apply.cgi with the actions st_dev_connect, st_dev_disconnect, or st_dev_rconnect. This can lead to arbitrary code execution, potentially allowing the attacker to gain unauthorized control over the device. Ensure that you are using the latest firmware to mitigate this risk.
