Vulnerabilities (CVE)

Filtered by vendor Trendnet Subscribe
Filtered by product Tw100-s4w1ca Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32426 1 Trendnet 2 Tw100-s4w1ca, Tw100-s4w1ca Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command.
CVE-2021-32424 1 Trendnet 2 Tw100-s4w1ca, Tw100-s4w1ca Firmware 2024-11-21 6.8 MEDIUM 8.8 HIGH
In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the router.