CVE-2018-19242
HIGH8.8CVSS v3
6.5CVSS v2
2.88%
EPSS (exploit probability)
CWE-119CWE
Description
Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).
CVSS v3 vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected routers (2)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| TRENDnet | TRENDnet TEW-632BRP | — |
— | — | Unpatched |
| TRENDnet | TRENDnet TEW-673GRU | — |
— | — | Unpatched |