Vulnerabilities > Trendnet > TEW 827Dru Firmware > 2.04

DATE CVE VULNERABILITY TITLE RISK
2020-06-15 CVE-2020-14076 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
8.8
2020-06-15 CVE-2020-14081 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.
network
low complexity
trendnet CWE-78
8.8
2020-06-15 CVE-2020-14080 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
critical
9.8
2020-06-15 CVE-2020-14079 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
8.8
2020-06-15 CVE-2020-14078 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
8.8
2020-06-15 CVE-2020-14077 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
8.8
2020-06-15 CVE-2020-14075 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.
network
low complexity
trendnet CWE-78
8.8
2020-06-15 CVE-2020-14074 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
8.8
2019-07-10 CVE-2019-13279 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code.
network
low complexity
trendnet CWE-787
critical
9.8
2019-07-10 CVE-2019-13278 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device.
network
low complexity
trendnet CWE-78
critical
9.8