CVE-2019-11418

apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
trendnettew-632brp_firmware
1.010b32:b32
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/zyw-200/IOTFuzzer/blob/master/Trendnet_response.png
https://github.com/zyw-200/IOTFuzzer/blob/master/Trendnet_response.png