TEW-827DRU WIRELESS ROUTER COMMAND INJECTION VULNERABILITIES
CVE ID: CVE-2024-28353, CVE-2024-28354
TRENDnet has received report of the command injection vulnerability and known vulnerabilities in the cgi interface with TEW-827DRU hardware version 2.xR Firmware 2.10.B01 and earlier. When exploited successfully, the attacker can have root access to the device. TRENDnet has released firmware update to address these vulnerabilities, please click on the link below to go to the product's download page. Or, you can login to the device's management (http://TEW-827DRU) and click on the new firmware available notification on the upper right hand side to perform the firmware upgrade.
https://www.trendnet.com/support/support-detail.asp?prod=105_TEW-827DRU
REVISION:
4/2/2024 Initial release