CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0638 – TRENDnet TEW-811DRU Web Interface command injection
https://notcve.org/view.php?id=CVE-2023-0638
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.220018 https://vuldb.com/?id.220018 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0637 – TRENDnet TEW-811DRU Web Management Interface wan.asp memory corruption
https://notcve.org/view.php?id=CVE-2023-0637
A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.220017 https://vuldb.com/?id.220017 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 1CVE-2023-23120
https://notcve.org/view.php?id=CVE-2023-23120
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification. • https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/HJl1oFzci https://www.trendnet.com/support • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0618 – TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption
https://notcve.org/view.php?id=CVE-2023-0618
A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. • https://vuldb.com/?ctiid.219958 https://vuldb.com/?id.219958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0617 – TRENDNet TEW-811DRU httpd guestnetwork.asp buffer overflow
https://notcve.org/view.php?id=CVE-2023-0617
A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. • https://vuldb.com/?ctiid.219957 https://vuldb.com/?id.219957 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •