CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0639 – TRENDnet TEW-652BRP Web Management Interface get_set.ccp cross site scripting
https://notcve.org/view.php?id=CVE-2023-0639
02 Feb 2023 — A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-220019. • https://vuldb.com/?ctiid.220019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0638 – TRENDnet TEW-811DRU Web Interface command injection
https://notcve.org/view.php?id=CVE-2023-0638
02 Feb 2023 — A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.220018 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0637 – TRENDnet TEW-811DRU Web Management Interface wan.asp memory corruption
https://notcve.org/view.php?id=CVE-2023-0637
02 Feb 2023 — A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.220017 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 1CVE-2023-23120
https://notcve.org/view.php?id=CVE-2023-23120
02 Feb 2023 — The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification. • https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/HJl1oFzci • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0618 – TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption
https://notcve.org/view.php?id=CVE-2023-0618
01 Feb 2023 — A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. • https://vuldb.com/?ctiid.219958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0617 – TRENDNet TEW-811DRU httpd guestnetwork.asp buffer overflow
https://notcve.org/view.php?id=CVE-2023-0617
01 Feb 2023 — A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. • https://vuldb.com/?ctiid.219957 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0613 – TRENDnet TEW-811DRU httpd security.asp memory corruption
https://notcve.org/view.php?id=CVE-2023-0613
01 Feb 2023 — A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.219937 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0612 – TRENDnet TEW-811DRU httpd basic.asp buffer overflow
https://notcve.org/view.php?id=CVE-2023-0612
01 Feb 2023 — A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Affected is an unknown function of the file /wireless/basic.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.219936 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0611 – TRENDnet TEW-652BRP Web Management Interface get_set.ccp command injection
https://notcve.org/view.php?id=CVE-2023-0611
01 Feb 2023 — A vulnerability, which was classified as critical, has been found in TRENDnet TEW-652BRP 3.04B01. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.219935 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24095
https://notcve.org/view.php?id=CVE-2023-24095
23 Jan 2023 — TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Se descubrió que TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, versión de firmware 1.01.B01, contenía un desbordamiento de pila a través del parámetro de e... • https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/05/README.md • CWE-787: Out-of-bounds Write •