Vulnerabilities (CVE)

Filtered by vendor Trendnet Subscribe
Filtered by product Tew-755ap
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-28846 1 Trendnet 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with "%s: key len = %d, too long\n" format. The two variables seem to be put in the wrong order. The vulnerability could be triggered by sending the POST request to apply_cgi with a long and unknown key in the request body.
CVE-2021-28845 1 Trendnet 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi via the lang action without a language key.
CVE-2021-28844 1 Trendnet 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi via a do_graph_auth action without a session_id key.
CVE-2021-28843 1 Trendnet 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi with an unknown action name.
CVE-2021-28842 1 Trendnet 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Null Pointer Deference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial os service by sending the POST request to apply_cgi via action do_graph_auth without login_name key.
CVE-2021-28841 1 Trendnet 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to apply_cgi via an action ping_test without a ping_ipaddr key.