Vulnerabilities > Trendnet > TEW 827Dru Firmware > 2.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-15 | CVE-2020-14076 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 8.8 |
| 2020-06-15 | CVE-2020-14081 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device. | 8.8 |
| 2020-06-15 | CVE-2020-14080 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 9.8 |
| 2020-06-15 | CVE-2020-14079 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 8.8 |
| 2020-06-15 | CVE-2020-14078 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 8.8 |
| 2020-06-15 | CVE-2020-14077 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 8.8 |
| 2020-06-15 | CVE-2020-14075 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device. | 8.8 |
| 2020-06-15 | CVE-2020-14074 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 8.8 |
| 2019-07-10 | CVE-2019-13279 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03 TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. | 9.8 |
| 2019-07-10 | CVE-2019-13278 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03 TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. | 9.8 |