CVE-2019-13152

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Gaming Rule...

CVE-2019-13151

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the action setstaenrolleepin5g and the key wpsstaenrolleepin...

CVE-2019-13150

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication. The command injection exists in the key ipaddr...

CVE-2019-13148

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the UDP Ports To Open in Add Gaming Rule...

CVE-2019-13153

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the Private Port in Add Virtual Server...

CVE-2018-7034

TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZEDGROUP=1 value, as demonstrated by a request for getcfg.php...

CVE-2019-13149

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the key passwd in Routing RIP Settings...

CVE-2019-13280

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can b...

CVE-2019-13278

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...

VulnCheck KEV: CVE-2023-51833

A command injection issue in TRENDnet TEW-411BRPplus v.2.07eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page...

CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...

CVE-2025-2959

A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated with...

CVE-2025-2958

A vulnerability was found in TRENDnet TEW-818DRU 1.0.14.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. The attack needs to be done...

CVE-2025-2957

A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the loca...

CVE-2025-2956

A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0 /1.0.8.S0 and classified as problematic. This issue affects the function pluginscallhandleuriraw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be...

The vulnerability of the HTTP request processor daemon in the TRENDnet TEW-410APB wireless access point software allows a attacker to cause a service failure.

The vulnerability of the HTTP request processor in TRENDnet TEW-410APB wireless access points is related to the zero pointer swapping issue. Exploiting this vulnerability allows a remote attacker to cause service interruptions by sending a specially crafted POST request...

CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...

CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...

CVE-2025-2959

A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated with...

CVE-2025-2959

A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated with...