TRENDnet TEW-432BRP
- 3.10B20
A stack-based buffer overflow vulnerability has been identified in the TRENDnet TEW-432BRP router, specifically in version 3.10B20. The issue arises in the formSetPortTr function within the /goform/formSetPortTr file. The vulnerability can be exploited remotely by manipulating the special_name argument, leading to a buffer overflow on the stack. This flaw allows for arbitrary code execution, as the unchecked input can overwrite the return address of the function. The vulnerability is particularly concerning as the product has been end-of-life since 2009, and the vendor has stated that they are unable to replicate or fix any vulnerabilities for unsupported products.
Exploitation of this vulnerability causes the router to crash, disrupting its normal service and functionality.
To reproduce this vulnerability, send a POST request to the /goform/formSetPortTr endpoint with a string in the special_name parameter that is long enough to exceed the buffer limit. The router will crash, indicating successful exploitation of the buffer overflow.
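Since the vendor will not fix this end-of-life device, one mitigation is to inspect requests before they reach it. The following is an added example, not code from the advisory or the vendor: it flags POSTs to /goform/formSetPortTr whose decoded special_name exceeds a threshold. MAX_LEN, the sample requests, the `enabled` field and the `/goform/other` path are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/goform/formSetPortTr"  # endpoint named in the advisory
PARAM = "special_name"                 # parameter named in the advisory
MAX_LEN = 64  # ASSUMPTION: the page gives no buffer size; tune for the device

def inspect_request(raw: bytes, max_len: int = MAX_LEN):
    """Return (flagged, reason) for one raw HTTP/1.x request."""
    head, _, body = raw.partition(b"\r\n\r\n")
    try:
        method, target, _ver = head.decode("latin-1").split("\r\n")[0].split(" ", 2)
    except ValueError:
        return False, "unparseable request line"
    url = urlsplit(target)
    if method.upper() != "POST" or url.path.rstrip("/") != TARGET_PATH:
        return False, "not the affected endpoint"
    # The value may arrive in the form body or the query string; check both.
    # latin-1 decoding keeps one character per byte, so len() is the
    # percent-decoded byte count rather than the on-the-wire length.
    opts = dict(keep_blank_values=True, encoding="latin-1")
    fields = parse_qs(body.decode("latin-1"), **opts)
    for key, values in parse_qs(url.query, **opts).items():
        fields.setdefault(key, []).extend(values)
    # A repeated parameter is judged by its longest occurrence.
    longest = max((len(v) for v in fields.get(PARAM, [])), default=0)
    if longest > max_len:
        return True, f"{PARAM} is {longest} bytes (limit {max_len})"
    return False, f"{PARAM} within limit"

def build(path: str, body: str) -> bytes:
    """Construct a sample form POST (test data, not captured traffic)."""
    b = body.encode()
    return (f"POST {path} HTTP/1.1\r\nHost: 192.0.2.1\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(b)}\r\n\r\n").encode() + b

# Constructed samples; the 'enabled' field and '/goform/other' are hypothetical.
SAMPLES = {
    "normal": build(TARGET_PATH, "special_name=ftp&enabled=1"),
    "oversized": build(TARGET_PATH, "special_name=" + "A" * 500),
    "encoded": build(TARGET_PATH, "special_name=" + "%41" * 100),
    "other": build("/goform/other", "special_name=" + "A" * 500),
}

if __name__ == "__main__":
    for name, req in SAMPLES.items():
        print(name, inspect_request(req))
```

The same length check can be expressed as a rule on a reverse proxy or IDS placed in front of the router's management interface.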