TRENDnet TEW-821DAP Command Injection Vulnerability in Firmware Update Process

A command injection vulnerability has been identified in the TRENDnet TEW-821DAP access point, affecting firmware versions prior to 1.12B01. The issue arises in the 'tools_diagnostic' function of the firmware update component, where user-inputted IP addresses are not properly sanitized before being used in network diagnostic commands. This lack of validation on shell metacharacters allows for the injection of malicious commands, which could be executed remotely.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the device, which could lead to unauthorized access or control over the device. Additionally, such exploitation could cause a denial-of-service condition, disrupting the normal operation of the device.

Reproduction

To reproduce this vulnerability, send a POST request to the 'tools_diagnostic' method with an IP address payload that includes injected commands, such as using shell metacharacters to append additional commands. The injected commands will be executed on the device, demonstrating the command injection vulnerability.