Vulnerabilities > Trendnet > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-02 | CVE-2019-13149 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. | 6.5 |
| 2019-07-02 | CVE-2019-13148 | Command Injection vulnerability in Trendnet Tew-827Dru Firmware An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. | 6.5 |
| 2018-12-20 | CVE-2018-19242 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tew-632Brp Firmware and Tew-673Gru Firmware Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication). | 6.5 |
| 2018-12-20 | CVE-2018-19241 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tv-Ip110Wn Firmware and Tv-Ip121Wn Firmware Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication). | 5.0 |
| 2018-02-14 | CVE-2018-7034 | Improper Authentication vulnerability in Trendnet products TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. | 5.0 |
| 2014-02-04 | CVE-2013-3098 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-812Dru and Tew-812Dru Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change admin credentials in a request to setSysAdm.cgi, (2) enable remote management or (3) enable port forwarding in an Apply action to uapply.cgi, or (4) have unspecified impact via a request to setNTP.cgi. | 6.8 |