Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Trendnet Subscribe
Total 122 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0637 1 Trendnet 2 Tew-811dru, Tew-811dru Firmware 2023-02-09 N/A 6.5 MEDIUM
A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220017 was assigned to this vulnerability.
CVE-2023-0638 1 Trendnet 2 Tew-811dru, Tew-811dru Firmware 2023-02-09 N/A 9.8 CRITICAL
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-220018 is the identifier assigned to this vulnerability.
CVE-2023-0639 1 Trendnet 2 Tew-652brp, Tew-652brp Firmware 2023-02-09 N/A 6.1 MEDIUM
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-220019.
CVE-2023-0640 1 Trendnet 2 Tew-652brp, Tew-652brp Firmware 2023-02-09 N/A 9.8 CRITICAL
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical. Affected is an unknown function of the file ping.ccp of the component Web Interface. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220020.
CVE-2023-23120 1 Trendnet 2 Tv-ip651wi, Tv-ip651wi Firmware 2023-02-09 N/A 5.9 MEDIUM
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.
CVE-2023-0611 1 Trendnet 2 Tew-652brp, Tew-652brp Firmware 2023-02-08 N/A 8.8 HIGH
A vulnerability, which was classified as critical, has been found in TRENDnet TEW-652BRP 3.04B01. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-219935.
CVE-2023-0612 1 Trendnet 2 Tew-811dru, Tew-811dru Firmware 2023-02-08 N/A 7.5 HIGH
A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Affected is an unknown function of the file /wireless/basic.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219936.
CVE-2023-0613 1 Trendnet 2 Tew-811dru, Tew-811dru Firmware 2023-02-08 N/A 7.5 HIGH
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219937 was assigned to this vulnerability.
CVE-2023-0618 1 Trendnet 2 Tew-652brp, Tew-652brp Firmware 2023-02-08 N/A 7.5 HIGH
A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219958 is the identifier assigned to this vulnerability.
CVE-2023-0617 1 Trendnet 2 Tew-811dru, Tew-811dru Firmware 2023-02-08 N/A 7.5 HIGH
A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219957 was assigned to this vulnerability.
CVE-2022-47065 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2023-02-06 N/A 8.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24098 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2023-02-01 N/A 8.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24099 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2023-02-01 N/A 8.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24097 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2023-02-01 N/A 8.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24096 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2023-02-01 N/A 8.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-24095 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2023-02-01 N/A 8.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-46584 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2023-01-05 N/A 9.8 CRITICAL
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.maclist parameter in the kick_ban_wifi_mac_deny (sub_415D7C) function.
CVE-2022-46580 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2023-01-04 N/A 9.8 CRITICAL
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the user_edit_page parameter in the wifi_captive_portal function.
CVE-2022-46581 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2023-01-04 N/A 9.8 CRITICAL
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_target parameter in the tools_nslookup function.
CVE-2022-46582 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2023-01-04 N/A 9.8 CRITICAL
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function.