We found a stack buffer overflow vulnerability in the **TEW-755AP** (firmware version TEW755AP-FW113B01.bin).

In the function set_sta_enrollee_pin_5g of the file /www/cgi/ssi, the value of g is copied directly into the stack buffer v6 without a size check.

As with the other vulnerabilities, an attacker can trigger this one by sending a very long string in the POST data to apply.cgi, and can ultimately achieve remote code execution.

Fix Suggestion:

Use snprintf to avoid the buffer overflow.
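A sketch of the suggested fix, added here as an example and not taken from the vendor firmware. The helper names, the 64-byte buffer size and the 4-or-8-digit WPS PIN format are assumptions; the point is that snprintf truncates silently, so the return value must be checked and oversized input rejected.

```c
#include <stdio.h>
#include <string.h>

#define PIN_BUF_LEN 64 /* assumed size; the page does not state the size of v6 */

/* Hypothetical helper: bounded copy of an untrusted request value.
 * Returns 0 on success, -1 if the value does not fit or an argument is bad. */
int copy_param_bounded(char *dst, size_t dst_len, const char *src)
{
    if (dst == NULL || dst_len == 0 || src == NULL)
        return -1;
    int n = snprintf(dst, dst_len, "%s", src);
    if (n < 0 || (size_t)n >= dst_len) {
        dst[0] = '\0'; /* never keep a silently truncated value */
        return -1;
    }
    return 0;
}

/* Assumption: the parameter is a WPS PIN, i.e. 4 or 8 ASCII digits. */
int is_valid_pin(const char *pin)
{
    size_t len = strlen(pin);
    if (len != 4 && len != 8)
        return 0;
    for (size_t i = 0; i < len; i++)
        if (pin[i] < '0' || pin[i] > '9')
            return 0;
    return 1;
}

/* Hypothetical hardened handler: bound the copy, then validate the format. */
int set_pin_hardened(const char *value, char *out, size_t out_len)
{
    char v6[PIN_BUF_LEN];
    if (copy_param_bounded(v6, sizeof v6, value) != 0)
        return -1; /* oversized input is rejected, not truncated */
    if (!is_valid_pin(v6))
        return -1;
    return copy_param_bounded(out, out_len, v6);
}

int main(void)
{
    char out[16];
    /* Constructed sample values. */
    printf("valid pin -> %d\n", set_pin_hardened("12345670", out, sizeof out));
    printf("non-digit -> %d\n", set_pin_hardened("1234abcd", out, sizeof out));
    return 0;
}
```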