Filtered by vendor Trendnet
Subscriptions
Total
135 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0640 | 1 Trendnet | 2 Tew-652brp, Tew-652brp Firmware | 2024-08-02 | 7.2 High |
| A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical. Affected is an unknown function of the file ping.ccp of the component Web Interface. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220020. | ||||
| CVE-2023-0637 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2024-08-02 | 6.5 Medium |
| A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220017 was assigned to this vulnerability. | ||||
| CVE-2023-0639 | 1 Trendnet | 2 Tew-652brp, Tew-652brp Firmware | 2024-08-02 | 2.4 Low |
| A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-220019. | ||||
| CVE-2023-0618 | 1 Trendnet | 2 Tew-652brp, Tew-652brp Firmware | 2024-08-02 | 7.5 High |
| A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219958 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-0612 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2024-08-02 | 7.5 High |
| A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Affected is an unknown function of the file /wireless/basic.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219936. | ||||
| CVE-2023-0611 | 1 Trendnet | 2 Tew-652brp, Tew-652brp Firmware | 2024-08-02 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in TRENDnet TEW-652BRP 3.04B01. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-219935. | ||||
| CVE-2023-0617 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2024-08-02 | 7.5 High |
| A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219957 was assigned to this vulnerability. | ||||
| CVE-2023-0613 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2024-08-02 | 7.5 High |
| A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219937 was assigned to this vulnerability. | ||||
| CVE-2024-37641 | 1 Trendnet | 1 Tew-814dap | 2024-08-02 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule | ||||
| CVE-2024-37644 | 1 Trendnet | 1 Tew-814dap | 2024-08-02 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. | ||||
| CVE-2024-37643 | 1 Trendnet | 1 Tew-814dap | 2024-08-02 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth . | ||||
| CVE-2024-37645 | 1 Trendnet | 1 Tew-814dap | 2024-08-02 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog . | ||||
| CVE-2024-22545 | 1 Trendnet | 2 Tew-824dru, Tew-824dru Firmware | 2024-08-01 | 7.8 High |
| An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function. The attack can be launched remotely. | ||||
| CVE-2024-0920 | 1 Trendnet | 2 Tew-822dre, Tew-822dre Firmware | 2024-08-01 | 7.2 High |
| A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-0919 | 1 Trendnet | 2 Tew-815dap, Tew-815dap Firmware | 2024-08-01 | 8.8 High |
| A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0. It has been classified as critical. This affects the function do_setNTP of the component POST Request Handler. The manipulation of the argument NtpDstStart/NtpDstEnd leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||