There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb[%d].username in the apply.cgi interface, thereby gaining root shell privileges.
The vulnerability is located in the router's apply.cgi interface and consists of insufficient input data validation in POST request parameters — specifically in the 'usapps.@smb[%d].username' parameter. An attacker can inject arbitrary system commands through a specially crafted HTTP POST request. Since the attack requires no authentication or user interaction, and the attack vector is network-based, the vulnerability is particularly dangerous for devices accessible from the Internet.
An attacker gains an interactive system shell session (root shell) on the device, which means full takeover of the router — ability to modify network configuration, intercept traffic, install malware, and use the device as a launching point for further attacks on the internal network.
Patches available from the manufacturer should be applied according to references. Until an update is applied, it is recommended to restrict access to the router's management interface only to trusted hosts on the local network and block access to the admin panel from the WAN side.
TRENDnet TEW-827DRU router with firmware version 2.10B01
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HTrendnet Tew 827dru
HWTrendnetwszystkie wersjeTrendnet Tew 827dru Firmware
OSTrendnet2.10b01
Related vulnerabilities
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for...
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and re...
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The route...
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The...
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overf...