TRENDnet Shell

Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...

TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities

TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default and i...

TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default a...

TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities

Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default and it can be accessed without any prior authentication sinc...

TRENDnet TEW-634GRU 1.00.23 Disclosure / DoS / Privilege Escalation

Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default and it can be accessed without any prior authentication sinc...

CVE-2013-3098

Multiple cross-site request forgery CSRF vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that 1 change admin credentials in a request to setSysAdm.cgi, 2 enable remote management or 3...

CVE-2013-3365

TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 wan network prefix to internet/ipv6.asp; 2 remote port to adm/management.asp; 3 pptp username, 4 pptp password, 5 ip, 6 gateway, 7 l2tp username, or 8 l2tp password to...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that 1 change admin credentials in a request to setSysAdm.cgi, 2 enable remote management or 3...

Design/Logic Flaw

TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 wan network prefix to internet/ipv6.asp; 2 remote port to adm/management.asp; 3 pptp username, 4 pptp password, 5 ip, 6 gateway, 7 l2tp username, or 8 l2tp password to...

CVE-2013-3365

TRENDnet TEW-812DRU router is affected by CSRF-related command injection vulnerabilities (CVE-2013-3365 and related CVE-2013-3098). Exploitation can allow an attacker with prior authentication to perform actions such as changing admin credentials, enabling remote management or port forwarding, or...

CVE-2013-3098

TRENDnet TEW-812DRU router is affected by CSRF vulnerabilities (CVE-2013-3098) in firmware

CVE-2013-3365

TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 wan network prefix to internet/ipv6.asp; 2 remote port to adm/management.asp; 3 pptp username, 4 pptp password, 5 ip, 6 gateway, 7 l2tp username, or 8 l2tp password to...

CVE-2013-3098

Multiple cross-site request forgery CSRF vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that 1 change admin credentials in a request to setSysAdm.cgi, 2 enable remote management or 3...

Multiple Trendnet Camera Products Security Bypass Vulnerability (Jan 2012) - Active Check

Multiple Trendnet Camera products are prone to a remote security bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

TRENDnet TEW-812DRU CSRF/Command Injection Root Exploit

Exploit for hardware platform in category web applications TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable with it, so it...

TRENDnet TEW-812DRU - Cross-Site Request ForgeryCommand Injection Root

TRENDnet TEW-812DRU - Cross-Site Request ForgeryCommand Injection Root TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable wi...

TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root

TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable with it, so its included in thos PoC. function RF1 document.write''+ ''+...

TRENDnet Print Server Authentication Bypass Vulnerability

This host is running TRENDnet Print Server and is prone to authentication bypass vulnerability. OpenVAS Vulnerability Test $Id: gbtrendnetprintserverauthebypassvuln.nasl 6079 2017-05-08 09:03:33Z teissa $ TRENDnet Print Server Authentication Bypass Vulnerability Authors: Antu Sanadi Copyright:...

TRENDnet Print Server Authentication Bypass Vulnerability - Active Check

TRENDnet Print Server is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass

TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass Exploit Title: TRENDnet TE100-P1U Print Server Firmware 4.11 Authentication Bypass Vulnerability Date: 2013/6/20 Exploit Author: Chako Firmware Version: 4.11 Tested on: Windows 7 Description: ===================== A remote...