8 matches found
TRENDnet TEW-432BRP 命令注入漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter sysCmd in the formSysCmd function within the goform/formSysCmd file, which allows for...
TRENDnet TEW-432BRP 安全漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability arises from the operation of the formSetProtocolFilter function in the file/goform/formSetProtocolFilter, where the paramete...
EUVD-2023-12646
Malicious code in bioql PyPI...
CVE-2019-13276
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by providing a sufficiently long query string when POSTing to any valid cgi, txt, asp, or js file. The...
CVE-2019-13280
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can b...
The vulnerability in the `apply.cgi` interface of TRENDnet TEW-827DRU’s CGI microprogramming system allows a hacker to escalate their privileges and execute arbitrary commands.
The vulnerability in the apply.cgi interface of TRENDnet TEW-827DRU microprogramming software’s CGI interface is related to the failure to take measures to neutralize special elements used in the OS command when processing the usapps.d.username parameter. Exploiting this vulnerability allows a...
TRENDnet TEW-822DRE Security Vulnerability
The TRENDnet TEW-822DRE is a dual-band wireless router from TRENDnet. A security vulnerability exists in the TRENDnet TEW-822DRE version v.1.03B02, which originates from a vulnerability that allows a local attacker to execute arbitrary code via the parameter ipv4ping in /boafrm/formSystemCheck...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...