Filtered by vendor Trendnet Subscriptions
Total 135 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-37053 1 Trendnet 2 Tew733gr, Tew733gr Firmware 2024-08-03 9.8 Critical
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
CVE-2022-35203 1 Trendnet 2 Tv-ip572pi, Tv-ip572pi Firmware 2024-08-03 7.2 High
An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information.
CVE-2022-33007 1 Trendnet 4 Tew-751dr, Tew-751dr Firmware, Tew-752dru and 1 more 2024-08-03 8.8 High
TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main.
CVE-2022-31873 1 Trendnet 2 Tv-ip110wn, Tv-ip110wn Firmware 2024-08-03 6.1 Medium
Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the prefix parameter in /admin/general.cgi.
CVE-2022-31875 1 Trendnet 2 Tv-ip110wn, Tv-ip110wn Firmware 2024-08-03 6.1 Medium
Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an xss vulnerability via the proname parameter in /admin/scheprofile.cgi
CVE-2022-30326 1 Trendnet 2 Tew-831dr, Tew-831dr Firmware 2024-08-03 5.4 Medium
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface.
CVE-2022-30328 1 Trendnet 2 Tew-831dr, Tew-831dr Firmware 2024-08-03 6.5 Medium
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface.
CVE-2022-30329 1 Trendnet 2 Tew-831dr, Tew-831dr Firmware 2024-08-03 9.8 Critical
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands.
CVE-2022-30327 1 Trendnet 2 Tew-831dr, Tew-831dr Firmware 2024-08-03 6.5 Medium
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known.
CVE-2022-30325 1 Trendnet 2 Tew-831dr, Tew-831dr Firmware 2024-08-03 8.8 High
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network.
CVE-2023-51833 1 Trendnet 2 Tew-411brpplus, Tew-411brpplus Firmware 2024-08-02 8.1 High
A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page.
CVE-2023-49236 1 Trendnet 2 Tv-ip1314pi, Tv-ip1314pi Firmware 2024-08-02 9.8 Critical
A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci.
CVE-2023-49237 1 Trendnet 2 Tv-ip1314pi, Tv-ip1314pi Firmware 2024-08-02 9.8 Critical
An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings.
CVE-2023-49235 1 Trendnet 2 Tv-ip1314pi, Tv-ip1314pi Firmware 2024-08-02 9.8 Critical
An issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a shell command.
CVE-2023-24099 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2024-08-02 8.8 High
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24098 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2024-08-02 8.8 High
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24097 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2024-08-02 8.8 High
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24096 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2024-08-02 8.8 High
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24095 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2024-08-02 8.8 High
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-23120 1 Trendnet 2 Tv-ip651wi, Tv-ip651wi Firmware 2024-08-02 5.9 Medium
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.