Vulnerabilities > Trendnet

DATE CVE VULNERABILITY TITLE RISK
2019-07-02 CVE-2019-13151 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
6.5
2019-07-02 CVE-2019-13150 Command Injection vulnerability in Trendnet Tew-827Dru Firmware
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-77
6.5
2019-07-02 CVE-2019-13149 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
6.5
2019-07-02 CVE-2019-13148 Command Injection vulnerability in Trendnet Tew-827Dru Firmware
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-77
6.5
2019-04-22 CVE-2019-11418 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tew-632Brp Firmware 1.010B32
apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.
network
low complexity
trendnet CWE-119
7.5
2019-04-22 CVE-2019-11417 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tv-Ip110Wn Firmware
system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source-length check before a strcpy operation in the respondAsp function.
network
low complexity
trendnet CWE-119
7.5
2018-12-20 CVE-2018-19242 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tew-632Brp Firmware and Tew-673Gru Firmware
Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).
network
low complexity
trendnet CWE-119
6.5
2018-12-20 CVE-2018-19241 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tv-Ip110Wn Firmware and Tv-Ip121Wn Firmware
Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).
network
low complexity
trendnet CWE-119
5.0
2018-12-20 CVE-2018-19240 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tv-Ip110Wn Firmware and Tv-Ip121Wn Firmware
Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).
network
low complexity
trendnet CWE-119
7.5
2018-12-20 CVE-2018-19239 OS Command Injection vulnerability in Trendnet Tew-673Gru Firmware 1.00B40
TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vulnerability in the start_arpping function of the timer binary, which allows remote attackers to execute arbitrary commands via three parameters (dhcpd_start, dhcpd_end, and lan_ipaddr) passed to the apply.cgi binary through a POST request.
network
low complexity
trendnet CWE-78
critical
9.0