CVE-2022-30329
Description
An authenticated OS command injection in the web interface of TRENDnet TEW-831DR 1.0 routers allows remote attackers to execute arbitrary shell commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The TRENDnet TEW-831DR router firmware version 1.0 601.130.1.1356 contains an OS command injection vulnerability within its web interface. The issue is triggered through an unspecified input field that fails to sanitize user-supplied data before passing it to a shell command. An attacker must have valid administrator credentials to access the vulnerable functionality [1].
Exploitation
An attacker with valid credentials can send crafted HTTP requests to the router's web interface. By injecting shell metacharacters (e.g., ;, |, &&) into a parameter that is later used in a system command, the attacker's arbitrary command is executed on the device. No other network position or user interaction is required beyond the authenticated session [1].
Impact
Successful exploitation allows the attacker to execute arbitrary shell commands with the privileges of the web server process (typically root). This results in full compromise of the device, including arbitrary file read, write, and execution, configuration changes, and potential use as a pivot point into the internal network [1].
Mitigation
As of the publication date (2022-06-16), no firmware update had been released to address this vulnerability. No workarounds were documented in the available references. Users are advised to restrict administrative access to the router to trusted networks only and monitor vendor advisories for a patched firmware version [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References (2)
News mentions (0)
No linked articles in our index yet.