First published: Thu Dec 20 2018(Updated: )
Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Trendnet Tew-632brp Firmware | =1.010b32 | |
TRENDnet TEW-632BRP | ||
Trendnet Tew-673gru Firmware | =1.00b40 | |
TRENDnet TEW-673GRU |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-19242 is a vulnerability that exists in TRENDnet TEW-632BRP and TEW-673GRU devices, which allows attackers to hijack the control flow by crafting a specific POST request payload.
CVE-2018-19242 has a severity rating of 8.8 (high).
CVE-2018-19242 affects TRENDnet TEW-632BRP devices with firmware version 1.010B32, allowing attackers to exploit a buffer overflow vulnerability.
CVE-2018-19242 affects TRENDnet TEW-673GRU devices with firmware version 1.01B40, allowing attackers to exploit a buffer overflow vulnerability.
To fix CVE-2018-19242, it is recommended to update the firmware of the affected devices to a version that addresses this vulnerability.