Stack Overflow Vulnerability in TRENDnet TEW-814DAP Router
CVE-2024-37643

Currently unrated

Key Information:

Vendor: TRENDnet
Status: TEW-814DAP
Vendor: CVE Published:; 14 June 2024

What is CVE-2024-37643?

A vulnerability has been identified in the TRENDnet TEW-814DAP router that allows attackers to exploit a stack overflow through the submit-url parameter within the /formPasswordAuth endpoint. This can lead to unauthorized access or execution of arbitrary code, posing significant risks to the integrity and confidentiality of device functions. Users of the affected firmware version should take immediate action to mitigate potential threats.

References

https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main...

Timeline

Vulnerability published
Jun 14, 2024
Vulnerability Reserved
Jun 10, 2024