CVE-2019-13279

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-827DRU versions up to and including 2.04B03

Description The issue arises from multiple stack-based buffer overflows that occur when the setup wizard processes user input. This allows an unauthenticated user to execute arbitrary code. The exploitation can happen both locally within the intranet and remotely if the remote administration feature is enabled.

Recommendations For TRENDnet TEW-827DRU versions up to and including 2.04B03, consider disabling remote administration until a fix is available to minimize the risk of remote exploitation. As a temporary workaround, restrict access to the setup wizard to prevent unauthenticated users from executing arbitrary code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.