{"uuid": "f92e7a25-b215-41d5-bd8b-0fb9cd8ee274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28846", "type": "seen", "source": "https://t.me/cibsecurity/27102", "content": "\u203c CVE-2021-28846 \u203c\n\nA Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with \"%s: key len = %d, too long\\n\" format. The two variables seem to be put in the wrong order. The vulnerability could be triggered by sending the POST request to apply_cgi with a long and unknown key in the request body.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-11T00:37:40.000000Z"}