VYPR

Vendor CVEs

Trendnet

All CVEs

213 total · sorted by risk
  • CVE-2015-1187CriKEVSep 21, 2017
    risk 0.85cvss 9.8epss 0.83

    The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.

  • CVE-2013-4659CriMar 14, 2017
    risk 0.68cvss 9.8epss 0.14

    Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.

  • CVE-2025-8731CriAug 8, 2025
    risk 0.64cvss 9.8epss 0.01

    A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2014-8579CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.02

    TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for remote attackers to obtain access via an FTP session.

  • CVE-2026-10183HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly…

  • CVE-2026-10181HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The…

  • CVE-2026-10179HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.03

    A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack-based buffer overflow. It is possible to initiate the attack remotely. The…

  • CVE-2026-10162HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack may be launched remotely. The…

  • CVE-2026-10161HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_statistic results in stack-based buffer overflow. The attack may be initiated…

  • CVE-2026-10160HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument start_wizard leads to stack-based buffer overflow. The attack can be…

  • CVE-2026-10159HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page causes stack-based buffer overflow. The attack can be initiated remotely. The…

  • CVE-2026-10158HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit…

  • CVE-2026-10123HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/permitted_domain_list results in…

  • CVE-2026-10122HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_name leads to stack-based buffer overflow. The attack may be performed from…

  • CVE-2026-10121HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keyword causes stack-based buffer overflow. The attack is possible to be carried out…

  • CVE-2026-10120HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewall_name results in stack-based buffer overflow. The attack can be executed…

  • CVE-2026-10119HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filter_name leads to stack-based buffer overflow. Remote exploitation of the attack is…

  • CVE-2026-10063HigMay 29, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-based buffer overflow. The attack may be performed from remote. The exploit is…

  • CVE-2026-10062HigMay 29, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overflow. The attack is possible to be carried…

  • CVE-2026-7607HigMay 2, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Udpate. The manipulation of the argument str leads to buffer overflow. The attack may be initiated remotely. The vendor explains:…

  • CVE-2026-5350HigApr 2, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function update_pcdb of the file /setup.cgi. The manipulation of the argument mac_pc_dba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has…

  • CVE-2026-5349HigApr 2, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add_apcdb of the file /setup.cgi. The manipulation of the argument mac_pc_dba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly…

  • CVE-2015-2880HigApr 10, 2017
    risk 0.57cvss 8.8epss 0.01

    TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.

  • CVE-2018-7034HigFeb 14, 2018
    risk 0.49cvss 7.5epss 0.02

    TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.

  • CVE-2026-4172HigMar 16, 2026
    risk 0.47cvss 7.2epss 0.01

    A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /ping_response.cgi of the component HTTP POST Request Handler. The manipulation of the argument ping_ipaddr results in stack-based buffer overflow. The attack may be performed…

  • CVE-2025-5870HigJun 9, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. The attack…

  • CVE-2025-8758HigAug 9, 2025
    risk 0.46cvss 7.0epss 0.00

    A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather…

  • CVE-2025-8757HigAug 9, 2025
    risk 0.46cvss 7.0epss 0.00

    A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is…

  • CVE-2025-2957MedMar 30, 2025
    risk 0.42cvss 6.5epss 0.00

    A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub_401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be…

  • CVE-2025-2956MedMar 30, 2025
    risk 0.42cvss 6.5epss 0.00

    A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer…

  • CVE-2026-10182MedMay 31, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. The attack can be launched remotely. The exploit…

  • CVE-2026-10180MedMay 31, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to…

  • CVE-2026-10064MedMay 29, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name results in stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2026-10061MedMay 29, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The attack can be executed remotely. The exploit has been made public and could be used.…

  • CVE-2026-10060MedMay 29, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. Remote exploitation of the attack is possible. The exploit has…

  • CVE-2026-7609MedMay 2, 2026
    risk 0.41cvss 6.3epss 0.04

    A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function tools_diagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The…

  • CVE-2026-5355MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpn_drop of the file /setup.cgi. The manipulation of the argument policy_name leads to os command injection. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2026-5354MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.05

    A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn_connect of the file /setup.cgi. Executing a manipulation of the argument policy_name can lead to os command injection. The attack can be executed remotely. The exploit has…

  • CVE-2026-5353MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function ping_test of the file /setup.cgi. Performing a manipulation of the argument c4_IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public…

  • CVE-2026-5352MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.04

    A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdb_list leads to os command injection. The attack may be launched remotely. The exploit has been disclosed…

  • CVE-2026-5351MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.04

    A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function add_wps_client of the file /setup.cgi. This manipulation of the argument wl_enrolee_pin causes os command injection. The attack may be initiated remotely. The exploit has been made available…

  • CVE-2026-5184MedMar 31, 2026
    risk 0.41cvss 6.3epss 0.06

    A vulnerability was identified in TRENDnet TEW-713RE up to 1.02. The impacted element is an unknown function of the file /goform/setSysAdm. The manipulation of the argument admuser leads to command injection. The attack can be initiated remotely. The exploit is publicly…

  • CVE-2026-5183MedMar 31, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was determined in TRENDnet TEW-713RE up to 1.02. The affected element is the function sub_421494 of the file /goform/addRouting. Executing a manipulation of the argument dest can lead to command injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2025-15139MedDec 28, 2025
    risk 0.41cvss 6.3epss 0.12

    A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub_43ACF4  of the file /boafrm/formWsc. Such manipulation of the argument peerPin leads to command injection. The attack can be executed remotely. The exploit has been disclosed to…

  • CVE-2026-7608MedMay 2, 2026
    risk 0.36cvss 5.5epss 0.05

    A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function tools_diagnostic. The manipulation results in os command injection. The exploit is now public and may be used. The vendor explains: "That firmware version will only work on…

  • CVE-2025-10107MedSep 9, 2025
    risk 0.31cvss 4.7epss 0.04

    A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410). Impacted is an unknown function of the file /boafrm/formSysCmd. The manipulation of the argument sysHost leads to command injection. The attack is possible to be carried out remotely. The exploit has been…

  • CVE-2026-7611LowMay 2, 2026
    risk 0.24cvss 3.7epss 0.00

    A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platform_do_upgrade_cameo_dev of the file cameo_dev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The…

  • CVE-2026-7610LowMay 2, 2026
    risk 0.24cvss 3.7epss 0.00

    A vulnerability has been found in TRENDnet TEW-821DAP 1.12B01. This affects an unknown function of the file /www/cgi/ssi of the component Firmware Update. Such manipulation leads to cleartext transmission of sensitive information. The attack can be executed remotely. This attack…

  • CVE-2026-7606LowMay 2, 2026
    risk 0.24cvss 3.7epss 0.00

    A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find_hwid/new_gui_update_firmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity.…

  • CVE-2025-8759LowAug 9, 2025
    risk 0.24cvss 3.7epss 0.00

    A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic…

Page 1 of 5