Vulnerabilities > Trendnet > TEW 827Dru Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-20159 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. | 9.0 |
| 2021-12-30 | CVE-2021-20160 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. | 9.0 |
| 2021-12-30 | CVE-2021-20161 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. | 7.2 |
| 2021-12-30 | CVE-2021-20162 | Cleartext Storage of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. | 4.0 |
| 2021-12-30 | CVE-2021-20163 | Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. | 4.0 |
| 2021-12-30 | CVE-2021-20164 | Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. | 4.0 |
| 2021-12-30 | CVE-2021-20165 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. | 6.8 |
| 2020-06-15 | CVE-2020-14076 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware 2.06B04 TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 6.5 |
| 2020-06-15 | CVE-2020-14081 | OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 2.06B04 TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device. | 9.0 |
| 2020-06-15 | CVE-2020-14080 | Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware 2.06B04 TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. | 7.5 |