TEW-929DRU
by Trendnet
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-25428 | 0.00 | — | 0.00 | Feb 28, 2025 | TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | |||
| CVE-2025-25430 | 0.00 | — | 0.00 | Feb 28, 2025 | Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page. | |||
| CVE-2025-25429 | 0.00 | — | 0.00 | Feb 28, 2025 | Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page. | |||
| CVE-2025-25431 | 0.00 | — | 0.00 | Feb 28, 2025 | Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the The ssid key of wifi_data parameter on the /captive_portal.htm page. |
- CVE-2025-25428Feb 28, 2025risk 0.00cvss —epss 0.00
TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
- CVE-2025-25430Feb 28, 2025risk 0.00cvss —epss 0.00
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page.
- CVE-2025-25429Feb 28, 2025risk 0.00cvss —epss 0.00
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page.
- CVE-2025-25431Feb 28, 2025risk 0.00cvss —epss 0.00
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the The ssid key of wifi_data parameter on the /captive_portal.htm page.