CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1964 matches found

Cvelist•added 2024/02/01 12:0 a.m.•15 views

CVE-2023-51835

An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via the parameters ipv4ping in the /boafrm/formSystemCheck...

7.5AI score0.07319EPSS

Exploits1References2

Positive Technologies•added 2024/02/01 12:0 a.m.•3 views

PT-2024-14308 · Trendnet · Trendnet Tew-822Dre

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-822DRE version 1.03B02 Description: An issue allows a local attacker to execute arbitrary code via the ipv4 ping parameter in the "/boafrm/formSystemCheck" API endpoint. Recommendations: For TRENDnet TEW-822DRE version 1.03B02,...

6.8CVSS7.4AI score0.07319EPSS

Exploits1References5

CVE•added 2024/02/01 12:0 a.m.•25 views

CVE-2023-51835

CVE-2023-51835 affects TRENDnet TEW-822DRE v1.03B02. A local attacker can execute arbitrary code via the ipv4_ping parameter in the /boafrm/formSystemCheck endpoint. Documentation from multiple sources confirms the impact but does not provide a concrete patch or fixed version in the supplied mate...

6.8CVSS7.5AI score0.07319EPSS

Exploits1References2Affected Software1

BDU FSTEC•added 2024/01/31 12:0 a.m.•3 views

The vulnerability of the POST Request Handler component in Trendnet’s microprogrammed routing software TEW-800MB allows a attacker to execute arbitrary commands.

The vulnerability of the POST Request Handler component in Trendnet’s TEW-800MB router software lies in insufficient validation of the DeviceURL parameter used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands or cause service...

8.3CVSS7.6AI score0.25438EPSS

Exploits1References4Affected Software1

BDU FSTEC•added 2024/01/31 12:0 a.m.•2 views

The vulnerability of the /admin_ping.htm file of the POST Request Handler component in the microprogramming software for Trendnet TEW-822DRE allows a attacker to execute arbitrary commands.

The vulnerability of the /adminping.htm file of the POST Request Handler component in the microprogramming system of the Trendnet TEW-822DRE router lies in the insufficient checking of the ipv4ping/ipv6ping argument passed in the command. Exploiting this vulnerability allows a remote attacker to...

8.3CVSS7.5AI score0.08648EPSS

Exploits1References4Affected Software1

OSV•added 2024/01/26 9:15 a.m.•1 views

CVE-2024-0920

A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /adminping.htm of the component POST Request Handler. The manipulation of the argument ipv4ping/ipv6ping leads to command injection. The attack can be...

7.2CVSS5.6AI score0.08648EPSS

Exploits1References3

OSV•added 2024/01/26 9:15 a.m.•1 views

CVE-2024-0919

A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0. It has been classified as critical. This affects the function dosetNTP of the component POST Request Handler. The manipulation of the argument NtpDstStart/NtpDstEnd leads to command injection. It is possible to initiate the attack remotely...

7.2CVSS5.6AI score0.22549EPSS

Exploits1References3

NVD•added 2024/01/26 9:15 a.m.•6 views

CVE-2024-0920

8.3CVSS7.5AI score0.08648EPSS

Exploits1References3

NVD•added 2024/01/26 9:15 a.m.•9 views

CVE-2024-0919

9CVSS9.1AI score0.22549EPSS

Exploits1References3

OSV•added 2024/01/26 9:15 a.m.•1 views

CVE-2024-0918

A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument DeviceURL leads to os command injection. The attack may be launched remotely. The exploi...

7.2CVSS5.6AI score0.25438EPSS

Exploits1References3

NVD•added 2024/01/26 9:15 a.m.•11 views

CVE-2024-0918

8.3CVSS7.4AI score0.25438EPSS

Exploits1References3

Prion•added 2024/01/26 9:15 a.m.•13 views

Command injection

8.3CVSS7.8AI score0.08648EPSS

Exploits1References3Affected Software1

Prion•added 2024/01/26 9:15 a.m.•13 views

Command injection

8.3CVSS7.7AI score0.25438EPSS

Exploits1References3Affected Software1

OSV•added 2024/01/26 8:15 a.m.•3 views

CVE-2024-22545

An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub420AE0 function. The attack can be launched remotely...

7.8CVSS6.1AI score

Exploits0References1

NVD•added 2024/01/26 8:15 a.m.•10 views

CVE-2024-22545

7.8CVSS8AI score0.00498EPSS

Exploits1References1

Prion•added 2024/01/26 8:15 a.m.•15 views

Design/Logic Flaw

4.3CVSS8AI score0.00498EPSS

Exploits1References1Affected Software1

Cvelist•added 2024/01/26 8:8 a.m.•14 views

CVE-2024-0920 TRENDnet TEW-822DRE POST Request admin_ping.htm command injection

8.3CVSS7.7AI score0.08648EPSS

Exploits1References3

Vulnrichment•added 2024/01/26 8:8 a.m.•3 views

CVE-2024-0920 TRENDnet TEW-822DRE POST Request admin_ping.htm command injection

8.3CVSS7.5AI score0.08648EPSS

Exploits1References3

CVE•added 2024/01/26 8:8 a.m.•39 views

CVE-2024-0920

The CVE-2024-0920 entry concerns TRENDnet TEW-822DRE v1.03B02. Affected component: POST Request Handler, specifically the /admin_ping.htm endpoint. Root cause described as manipulation of the ipv4_ping/ipv6_ping parameter enabling command injection. Impact is high (confidentiality, integrity, and...

8.3CVSS7.5AI score0.08648EPSS

Exploits1References3Affected Software1

Cvelist•added 2024/01/26 8:8 a.m.•14 views

CVE-2024-0919 TRENDnet TEW-815DAP POST Request do_setNTP command injection

9CVSS9.2AI score0.22549EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by