ReportizFlow
Filtered by vendor Trendnet
Subscriptions
Total
149 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-46592 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin parameter in the set_sta_enrollee_pin_5g function. | ||||
| CVE-2022-46591 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reject_url parameter in the reject (sub_41BD60) function. | ||||
| CVE-2022-46590 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.netstat_rsname parameter in the tools_netstat (sub_41E730) function. | ||||
| CVE-2022-46589 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.netstat_option parameter in the tools_netstat (sub_41E730) function. | ||||
| CVE-2022-46588 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sys_service parameter in the setup_wizard_mydlink (sub_4104B8) function. | ||||
| CVE-2022-46586 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.maclist parameter in the kick_ban_wifi_mac_allow (sub_415B00) function. | ||||
| CVE-2022-46585 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | 9.8 Critical |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter in the get_access (sub_45AC2C) function. | ||||
| CVE-2012-4876 | 1 Trendnet | 2 Securview Wireless Internet Camera, Securview Wireless Internet Camera Activex Control | 2025-04-11 | N/A |
| Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method. | ||||
| CVE-2013-3098 | 1 Trendnet | 2 Tew-812dru, Tew-812dru Firmware | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change admin credentials in a request to setSysAdm.cgi, (2) enable remote management or (3) enable port forwarding in an Apply action to uapply.cgi, or (4) have unspecified impact via a request to setNTP.cgi. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-3365 | 1 Trendnet | 1 Tew-812dru | 2025-04-11 | N/A |
| TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) wan network prefix to internet/ipv6.asp; (2) remote port to adm/management.asp; (3) pptp username, (4) pptp password, (5) ip, (6) gateway, (7) l2tp username, or (8) l2tp password to internet/wan.asp; (9) NtpDstStart, (10) NtpDstEnd, or (11) NtpDstOffset to adm/time.asp; or (12) device url to adm/management.asp. NOTE: vectors 9, 10, and 11 can be exploited by unauthenticated remote attackers by leveraging CVE-2013-3098. | ||||
| CVE-2023-51146 | 1 Trendnet | 2 Tew-821dap, Tew-821dap Firmware | 2025-04-08 | 8.0 High |
| Buffer Overflow vulnerability in TRENDnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the adm_add_user action. | ||||
| CVE-2023-24098 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2025-04-02 | 8.8 High |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-24097 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2025-04-02 | 8.8 High |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-24096 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2025-04-02 | 8.8 High |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2024-36728 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2025-04-01 | 8.1 High |
| TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlan_setting with a sufficiently long dns1 or dns 2 key. | ||||
| CVE-2024-36729 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2025-04-01 | 6.3 Medium |
| TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently long reboot_type key. | ||||
| CVE-2024-50667 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2025-04-01 | 9.8 Critical |
| The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks. | ||||
| CVE-2024-51190 | 1 Trendnet | 6 Tew-651br, Tew-651br Firmware, Tew-652brp and 3 more | 2025-04-01 | 4.8 Medium |
| TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the ptRule_ApplicationName_1.1.6.0.0 parameter on the /special_ap.htm page. | ||||
| CVE-2024-51189 | 1 Trendnet | 6 Tew-651br, Tew-651br Firmware, Tew-652brp and 3 more | 2025-04-01 | 4.8 Medium |
| TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the macList_Name_1.1.1.0.0 parameter on the /filters.htm page. | ||||
| CVE-2024-51188 | 1 Trendnet | 6 Tew-651br, Tew-651br Firmware, Tew-652brp and 3 more | 2025-04-01 | 4.8 Medium |
| TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page. | ||||