Lucene search
K

15 matches found

CNVD
CNVD
added 2019/07/11 12:0 a.m.3 views

TRENDnet TEW-827DRU Command Injection Vulnerability (CNVD-2019-22209)

The TRENDnet TEW-827DRU is a wireless router from TRENDnet. A security vulnerability exists in the TRENDnet TEW-827DRU using firmware version 2.04B03 and earlier. An attacker can exploit the vulnerability to execute arbitrary commands on the device...

10CVSS7.6AI score0.08783EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/11 12:0 a.m.2 views

TRENDnet TEW-827DRU Stack Buffer Overflow Vulnerability (CNVD-2019-22208)

The TRENDnet TEW-827DRU is a wireless router from TRENDnet. A buffer overflow vulnerability exists in the ssi binary in the TRENDnet TEW-827DRU using firmware version 2.04B03 and earlier. The vulnerability originates when a network system or product performs an operation on memory without properl...

9.8CVSS7.3AI score0.02767EPSS
Exploits1References1
OSV
OSV
added 2019/07/10 5:15 p.m.6 views

CVE-2019-13279

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or remotely if remote...

9.8CVSS7.8AI score0.02712EPSS
Exploits1References1
OSV
OSV
added 2019/07/10 5:15 p.m.6 views

CVE-2019-13278

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...

9.8CVSS7.4AI score0.08783EPSS
Exploits1References1
OSV
OSV
added 2019/07/10 5:15 p.m.5 views

CVE-2019-13276

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by providing a sufficiently long query string when POSTing to any valid cgi, txt, asp, or js file. The...

9.8CVSS7.9AI score0.02767EPSS
Exploits1References1
NVD
NVD
added 2019/07/10 5:15 p.m.17 views

CVE-2019-13279

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or remotely if remote...

9.8CVSS9.8AI score0.02712EPSS
Exploits1References1
Prion
Prion
added 2019/07/10 5:15 p.m.18 views

Stack overflow

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by providing a sufficiently long query string when POSTing to any valid cgi, txt, asp, or js file. The...

7.5CVSS9.7AI score0.02767EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/07/10 5:15 p.m.21 views

Command injection

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...

10CVSS9.5AI score0.08783EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/10 4:23 p.m.18 views

CVE-2019-13278

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...

9.7AI score0.08783EPSS
Exploits1References1
OSV
OSV
added 2019/07/09 9:15 p.m.3 views

CVE-2019-13277

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the local intranet or...

7.5CVSS7.1AI score0.01526EPSS
Exploits1References1
NVD
NVD
added 2019/07/09 9:15 p.m.14 views

CVE-2019-13277

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the local intranet or...

7.5CVSS7.7AI score0.01526EPSS
Exploits1References1
NVD
NVD
added 2019/07/09 7:15 p.m.18 views

CVE-2019-13280

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can b...

8.8CVSS9AI score0.02076EPSS
Exploits1References1
OSV
OSV
added 2019/07/09 7:15 p.m.5 views

CVE-2019-13280

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can b...

8.8CVSS7.9AI score0.02076EPSS
Exploits1References1
Prion
Prion
added 2019/07/09 7:15 p.m.16 views

Stack overflow

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can b...

6.5CVSS8.9AI score0.02076EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/09 6:44 p.m.23 views

CVE-2019-13280

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can b...

9AI score0.02076EPSS
Exploits1References1
Rows per page
Query Builder