A vulnerability has been found in TRENDnet TEW-632BRP and TEW-673GRU (version unknown) and classified as critical. This vulnerability affects an unknown function of the file apply.cgi. The manipulation as part of a POST Request leads to a memory corruption vulnerability. The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).

The bug was discovered 12/07/2018. The weakness was shared 12/20/2018 as not defined mailinglist post (Full-Disclosure). The advisory is available at seclists.org. This vulnerability was named CVE-2018-19242 since 11/13/2018. The exploitation appears to be easy. The attack can be initiated remotely. The successful exploitation requires a single authentication. Technical details are known, but there is no available exploit.

The vulnerability was handled as a non-public zero-day exploit for at least 13 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entries 128251, 128252 and 128253 are related to this item.

Productinfo

Vendor

• TRENDnet

Name

• TEW-632BRP
• TEW-673GRU

License

• commercial

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion