11 matches found
CVE-2026-25532
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
CVE-2026-25532
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
PT-2026-6314
Name of the Vulnerable Software and Affected Versions Espressif Internet of Things IOT Development Framework versions 5.1.6 through 5.5.2 Description The Espressif Internet of Things IOT Development Framework contains a flaw in the WPS Wi-Fi Protected Setup Enrollee implementation. Malformed...
CVE-2022-46593
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wpsstaenrolleepin parameter in the dostaenrolleewifi function...
PT-2022-27927 · Trendnet · Trendnet Tew755Ap
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A stack overflow issue was discovered via the wps sta enrollee pin parameter in the set sta enrollee pin 24g function. This issue can be exploited, potentially allowing unauthorized access or...
TRENDnet TEW-755AP 缓冲区错误漏洞
The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from the lack of size checking of input data in the wpsstaenrolleepin parameter in the dostaenrolleewifi function, which can be exploited by an attacker to execute...
TRENDnet TEW-755AP 操作系统命令注入漏洞
The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a command injection vulnerability that stems from the wpsstaenrolleepin parameter in the setstaenrolleepin5g function failing to correctly filter for constructed command special characters, commands, and so on. ...
CVE-2020-14077
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action setstaenrolleepinwifi1 or setstaenrolleepinwifi0 with a sufficiently long wpsstaenrolleep...
D-Link DIR-825 and TRENDnet TEW-632BRP Command Injection Vulnerability (CNVD-2020-16102)
The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router.The TRENDnet TEW-632BRP is a 300Mbps wireless home router. A command injection vulnerability exists in the D-Link DIR-825 and TRENDnet TEW-632BRP. A remote attacker can exploit this vulnerability to execute arbitrary commands...
CVE-2019-13151
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the action setstaenrolleepin5g and the key wpsstaenrolleepin...
CVE-2018-19990
In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pi...