Vulnerabilities > Trendnet
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-20160 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. | 9.0 |
| 2021-12-30 | CVE-2021-20161 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. | 7.2 |
| 2021-12-30 | CVE-2021-20162 | Cleartext Storage of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. | 4.0 |
| 2021-12-30 | CVE-2021-20163 | Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. | 4.0 |
| 2021-12-30 | CVE-2021-20164 | Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. | 4.0 |
| 2021-12-30 | CVE-2021-20165 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. | 6.8 |
| 2021-08-10 | CVE-2021-28845 | NULL Pointer Dereference vulnerability in Trendnet products Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi via the lang action without a language key. | 5.0 |
| 2021-08-10 | CVE-2021-28841 | NULL Pointer Dereference vulnerability in Trendnet products Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to apply_cgi via an action ping_test without a ping_ipaddr key. | 5.0 |
| 2021-08-10 | CVE-2021-28842 | NULL Pointer Dereference vulnerability in Trendnet products Null Pointer Deference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial os service by sending the POST request to apply_cgi via action do_graph_auth without login_name key. | 5.0 |
| 2021-08-10 | CVE-2021-28843 | NULL Pointer Dereference vulnerability in Trendnet products Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi with an unknown action name. | 5.0 |