Filtered by vendor Trendnet
Subscribe
Total
96 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-47065 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-06-04 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-24099 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-05-17 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-24098 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-05-17 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-24097 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-05-17 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-24096 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-05-17 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-24095 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-05-17 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2022-35203 | 1 Trendnet | 2 Tv-ip572pi, Tv-ip572pi Firmware | 2024-02-14 | N/A | 7.2 HIGH |
An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information. | |||||
CVE-2023-51833 | 1 Trendnet | 2 Tew-411brpplus, Tew-411brpplus Firmware | 2024-02-05 | N/A | 8.1 HIGH |
A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page. | |||||
CVE-2023-49237 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings. | |||||
CVE-2022-44373 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-02-04 | N/A | 8.8 HIGH |
A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R, firmware version 1.01.B01) which may result in remote code execution. | |||||
CVE-2022-46597 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the sys_service parameter in the setup_wizard_mydlink (sub_4104B8) function. | |||||
CVE-2022-46598 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the wps_sta_enrollee_pin parameter in the action set_sta_enrollee_pin_5g function. | |||||
CVE-2022-37053 | 1 Trendnet | 2 Tew733gr, Tew733gr Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php. | |||||
CVE-2022-38556 | 1 Trendnet | 2 Tew733gr, Tew733gr Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | |||||
CVE-2022-30328 | 1 Trendnet | 2 Tew-831dr, Tew-831dr Firmware | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface. | |||||
CVE-2022-30326 | 1 Trendnet | 2 Tew-831dr, Tew-831dr Firmware | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface. | |||||
CVE-2022-33007 | 1 Trendnet | 4 Tew-751dr, Tew-751dr Firmware, Tew-752dru and 1 more | 2024-02-04 | 5.8 MEDIUM | 8.8 HIGH |
TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main. | |||||
CVE-2022-30329 | 1 Trendnet | 2 Tew-831dr, Tew-831dr Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands. | |||||
CVE-2022-31875 | 1 Trendnet | 2 Tv-ip110wn, Tv-ip110wn Firmware | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an xss vulnerability via the proname parameter in /admin/scheprofile.cgi | |||||
CVE-2021-33317 | 1 Trendnet | 18 Teg-30102ws, Teg-30102ws Firmware, Ti-g102i and 15 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. |