| शीर्षक | Trendnet TEW-821DAP v1.12B01 CWE-327 Use of a Broken or Risky Cryptographic Algorithm |
|---|
| विवरण | During the firmware update process, there is firmware integrity verification vulnerability in function platform_do_upgrade_cameo_dev() of program cameo_dev.sh. Function platform_do_upgrade_cameo_dev() performs the firmware integrity verification through CRC32 which could be easily be bypassed. Once the hackers obtain the CRC32 value they could could craft a compromised firmware with the same CRC value as the new firmware to bypass the integrity verification. Then, the compromised firmware which could cause arbitrary code execution or denial of service can be written into the IoT device through the firmware update. |
|---|
| स्रोत | ⚠️ https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_Inte.md |
|---|
| उपयोगकर्ता | IOT_Res (UID 81722) |
|---|
| सबमिशन | 16/04/2026 04:43 AM (2 महीनों पहले) |
|---|
| संयम | 01/05/2026 02:08 PM (15 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 360568 [TRENDnet TEW-821DAP तक 1.12B01 Firmware Update cameo_dev.sh platform_do_upgrade_cameo_dev कमजोर प्रमाणीकरण] |
|---|
| अंक | 20 |
|---|