Command Injection Vulnerability in TRENDnet TEW-827DRU Devices
CVE-2020-14081
8.8HIGH
What is CVE-2020-14081?
TRENDnet TEW-827DRU devices running firmware versions up to 2.06B04 are susceptible to command injection vulnerabilities found in the apply.cgi script. This issue arises through the action send_log_email, where an authenticated user can exploit the device by manipulating the key parameters auth_acname or auth_passwd. Successful exploitation allows them to execute arbitrary commands on the affected device, potentially compromising the device's integrity and security.
