CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14077

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or set_sta_enrollee_pin_wifi0) with a sufficiently long wps_sta_enrollee_pin key.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 86.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2020-14077

Trendnet » Tew-827dru » Version: N/A

cpe:2.3:h:trendnet:tew-827dru:-
Trendnet » Tew-827dru Firmware » Version: N/A

cpe:2.3:o:trendnet:tew-827dru_firmware:-
Trendnet » Tew-827dru Firmware » Version: 1.04b01

cpe:2.3:o:trendnet:tew-827dru_firmware:1.04b01
Trendnet » Tew-827dru Firmware » Version: 2.04

cpe:2.3:o:trendnet:tew-827dru_firmware:2.04
Trendnet » Tew-827dru Firmware » Version: 2.04b03

cpe:2.3:o:trendnet:tew-827dru_firmware:2.04b03
Trendnet » Tew-827dru Firmware » Version: 2.05b11

cpe:2.3:o:trendnet:tew-827dru_firmware:2.05b11
Trendnet » Tew-827dru Firmware » Version: 2.06b04

cpe:2.3:o:trendnet:tew-827dru_firmware:2.06b04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14077

Products

Pricing

Contact Us