VYPR

Vendor CVEs

Trendnet

All CVEs

213 total · sorted by risk
  • CVE-2019-11399Dec 18, 2019
    risk 0.00cvss epss 0.03

    An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter.

  • CVE-2013-3366Nov 13, 2019
    risk 0.00cvss epss 0.01

    Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.

  • CVE-2013-3367Nov 13, 2019
    risk 0.00cvss epss 0.03

    Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.

  • CVE-2019-13279Jul 10, 2019
    risk 0.00cvss epss 0.03

    TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or…

  • CVE-2019-13276Jul 10, 2019
    risk 0.00cvss epss 0.03

    TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by providing a sufficiently long query string when POSTing to any valid cgi, txt, asp, or…

  • CVE-2019-13277Jul 9, 2019
    risk 0.00cvss epss 0.02

    TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the…

  • CVE-2019-13280Jul 9, 2019
    risk 0.00cvss epss 0.02

    TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code.…

  • CVE-2019-11418Apr 21, 2019
    risk 0.00cvss epss 0.02

    apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.

  • CVE-2019-11417Apr 21, 2019
    risk 0.00cvss epss 0.02

    system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source-length check before a strcpy operation in the respondAsp function. Attackers can exploit the vulnerability by using the languse parameter with a long string. This affects 1.2.2 build…

  • CVE-2018-19241Dec 20, 2018
    risk 0.00cvss epss 0.02

    Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).

  • CVE-2018-19239Dec 20, 2018
    risk 0.00cvss epss 0.05

    TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vulnerability in the start_arpping function of the timer binary, which allows remote attackers to execute arbitrary commands via three parameters (dhcpd_start, dhcpd_end, and lan_ipaddr) passed to the apply.cgi…

  • CVE-2018-19240Dec 20, 2018
    risk 0.00cvss epss 0.04

    Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).

  • CVE-2018-19242Dec 20, 2018
    risk 0.00cvss epss 0.03

    Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).

Page 5 of 5