TRENDnet TEW-821DAP Firmware Update Handler Data Integrity Vulnerability

A vulnerability exists in the TRENDnet TEW-821DAP access point, specifically in firmware versions up to 1.12B01. The issue arises in the Firmware Update Handler component, within the function platform_do_upgrade_cameo_dev of the cameo_dev.sh file. This vulnerability allows for insufficient verification of data authenticity during the firmware update process. The integrity check, which relies on CRC32, can be easily bypassed. An attacker could exploit this by crafting a malicious firmware image that matches the CRC32 value of a legitimate update, thereby evading the integrity verification. Once the compromised firmware is accepted, it could be installed on the device, potentially leading to arbitrary code execution or a denial-of-service condition.

Impact

Exploitation of this vulnerability could result in unauthorized firmware being installed on the device, which could execute arbitrary code or cause a denial-of-service condition.