VYPR

TEW-814DAP

by Trendnet

CVEs (7)

  • CVE-2024-0919Jan 26, 2024
    risk 0.03cvss epss 0.23

    A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0. It has been classified as critical. This affects the function do_setNTP of the component POST Request Handler. The manipulation of the argument NtpDstStart/NtpDstEnd leads to command injection. It is possible to initiate…

  • CVE-2024-37642Jun 14, 2024
    risk 0.02cvss epss 0.11

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck .

  • CVE-2024-37645Jun 14, 2024
    risk 0.00cvss epss 0.01

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog .

  • CVE-2024-37644Jun 14, 2024
    risk 0.00cvss epss 0.00

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

  • CVE-2024-37641Jun 14, 2024
    risk 0.00cvss epss 0.01

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule

  • CVE-2024-37643Jun 14, 2024
    risk 0.00cvss epss 0.01

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth .

  • CVE-2024-22546Apr 30, 2024
    risk 0.00cvss epss 0.01

    TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request.