6 results (0.002 seconds)

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1

A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical. Affected is an unknown function of the file ping.ccp of the component Web Interface. The manipulation leads to command injection. It is possible to launch the attack remotely. • https://vuldb.com/?ctiid.220020 https://vuldb.com/?id.220020 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-220019. • https://vuldb.com/?ctiid.220019 https://vuldb.com/?id.220019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. • https://vuldb.com/?ctiid.219958 https://vuldb.com/?id.219958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1

A vulnerability, which was classified as critical, has been found in TRENDnet TEW-652BRP 3.04B01. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.219935 https://vuldb.com/?id.219935 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter. Se detectó un problema en los dispositivos TRENDnet TEW-651BR versión 2.04B1, TEW-652BRP versión 3.04b01 y TEW-652BRU versión 1.00b12. Se presenta un desbordamiento del búfer por medio del parámetro ccp_act del archivo get_set.ccp. • https://github.com/pr0v3rbs/CVE/blob/master/CVE-2019-11400/ticket.png https://www.trendnet.com/support • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •