Buffer Overflow Vulnerability in TRENDnet TEW-752DRU Could Lead to Device Crash or Arbitrary Code Execution
CVE-2024-42813

9.8CRITICAL

Key Information:

Vendor: TRENDnet
Status: Tew-752dru Firmware
Vendor: CVE Published:; 19 August 2024

What is CVE-2024-42813?

A buffer overflow vulnerability has been identified in the TRENDnet TEW-752DRU router, specifically in the gena.cgi service field where there is an absence of length verification. This flaw allows attackers to corrupt memory, potentially leading to device crashes or the execution of arbitrary commands on the affected device. Immediate remediation measures should be implemented to protect against unauthorized access and exploitation.

References

https://gist.github.com/XiaoCurry/204680035c1efffa27d1495...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2024

CVE-2024-42813 Data

JSON