Vulnerabilities (CVE)

Filtered by vendor Trendnet Subscribe
Total 130 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20153 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.9 MEDIUM 6.8 MEDIUM
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious symlink on it that the bittorrent client can write downloads to, then a user is able to download arbitrary files to any desired location on the devices filesystem, which could lead to remote code execution. Example directories vulnerable to this include "config", "downloads", and "torrents", though it should be noted that "downloads" is the only vector that allows for arbitrary files to be downloaded to arbitrary locations.
CVE-2021-20152 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 5.8 MEDIUM 6.5 MEDIUM
Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able to visit and modify settings and files via the Bittorent web client by visiting: http://192.168.10.1:9091/transmission/web/
CVE-2021-20151 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 7.5 HIGH 10.0 CRITICAL
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management software manages web sessions based on IP address rather than verifying client cookies/session tokens/etc. This allows an attacker (whether from a different computer, different web browser on the same machine, etc.) to take over an existing session. This does require the attacker to be able to spoof or take over original IP address of the original user's session.
CVE-2021-20150 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
CVE-2021-20149 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default.
CVE-2020-14081 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.
CVE-2020-14080 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to apply_sec.cgi via the action ping_test with a sufficiently long ping_ipaddr key.
CVE-2020-14079 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action auto_up_fw (or auto_up_lp) with a sufficiently long update_file_name key.
CVE-2020-14078 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wifi_captive_portal_login with a sufficiently long REMOTE_ADDR key.
CVE-2020-14077 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or set_sta_enrollee_pin_wifi0) with a sufficiently long wps_sta_enrollee_pin key.
CVE-2020-14076 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action st_dev_connect, st_dev_disconnect, or st_dev_rconnect with a sufficiently long wan_type key.
CVE-2020-14075 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.
CVE-2020-14074 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long qcawifi.wifi0_vap0.maclist key.
CVE-2020-12763 1 Trendnet 2 Tv-ip512wn, Tv-ip512wn Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd (in /sbin) when parsing a long "Authorization: Basic" RTSP header.
CVE-2020-10216 2 Dlink, Trendnet 4 Dir-825, Dir-825 Firmware, Tew-632brp and 1 more 2024-11-21 9.0 HIGH 8.8 HIGH
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
CVE-2020-10215 2 Dlink, Trendnet 4 Dir-825, Dir-825 Firmware, Tew-632brp and 1 more 2024-11-21 9.0 HIGH 8.8 HIGH
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
CVE-2020-10213 2 Dlink, Trendnet 4 Dir-825, Dir-825 Firmware, Tew-632brp and 1 more 2024-11-21 9.0 HIGH 8.8 HIGH
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.
CVE-2019-13280 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can be exercised on the local intranet or remotely if remote administration is enabled.
CVE-2019-13279 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or remotely if remote administration is enabled.
CVE-2019-13278 1 Trendnet 2 Tew-827dru, Tew-827dru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if remote administration is enabled.