CVE-2023-24097
https://notcve.org/view.php?id=CVE-2023-24097
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Se descubrió que TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, versión de firmware 1.01.B01, contenía un desbordamiento de pila a través del parámetro de URL de envío en /formPasswordAuth. Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario mediante un payload manipulado. • https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/03/README.md • CWE-787: Out-of-bounds Write •
CVE-2022-47065
https://notcve.org/view.php?id=CVE-2022-47065
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Se descubrió que TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, versión de firmware 1.01.B01, contenía un desbordamiento de pila a través del parámetro de URL de envío en /formNewSchedule. Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario mediante un payload manipulado. • https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/01/README.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-24095
https://notcve.org/view.php?id=CVE-2023-24095
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Se descubrió que TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, versión de firmware 1.01.B01, contenía un desbordamiento de pila a través del parámetro de envío de URL en /formSystemCheck. Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario mediante un payload manipulado. • https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/05/README.md • CWE-787: Out-of-bounds Write •
CVE-2023-24098
https://notcve.org/view.php?id=CVE-2023-24098
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Se descubrió que TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, versión de firmware 1.01.B01 contenía un desbordamiento de pila a través del parámetro de envío de URL en /formSysLog. Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario mediante un payload manipulado. • https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/04/README.md • CWE-787: Out-of-bounds Write •
CVE-2022-46598
https://notcve.org/view.php?id=CVE-2022-46598
TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the wps_sta_enrollee_pin parameter in the action set_sta_enrollee_pin_5g function. Se descubrió que TRENDnet TEW755AP 1.13B01 contiene una vulnerabilidad de inyección de comandos a través del parámetro wps_sta_enrollee_pin en la función de acción set_sta_enrollee_pin_5g. • https://brief-nymphea-813.notion.site/Vul3-TEW755-injection-set_sta_enrollee_pin_5g-b903e73d59b940c8a79bf4425dfdf992 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •