CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/04 8:21 p.m.•4 views

CVE-2026-7606

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function findhwid/newguiupdatefirmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launch...

8.1CVSS5.4AI score0.00031EPSS

NVD•added 2026/05/02 10:16 a.m.•3 views

CVE-2026-7611

8.1CVSS0.00031EPSS

NVD•added 2026/05/02 8:16 a.m.•4 views

CVE-2026-7606

8.1CVSS0.00031EPSS

Vulnrichment•added 2026/05/02 6:45 a.m.•3 views

CVE-2026-7606 TRENDnet TEW-821DAP Firmware Update new_gui_update_firmware data authenticity

EUVD•added 2026/05/02 6:45 a.m.•4 views

EUVD-2026-26760

ATTACKERKB•added 2026/05/02 6:45 a.m.•5 views

CVE-2026-7606

Exploits1References5Affected Software1

Positive Technologies•added 2026/05/02 12:0 a.m.•4 views

PT-2026-36585

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find hwid/new gui update firmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be...

Positive Technologies•added 2026/05/02 12:0 a.m.•1 views

Exploits1References5

PT-2026-36603

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description An issue exists in the Firmware Update Handler component within the cameo dev.sh file. Specifically, the platform do upgrade cameo dev function fails to sufficiently verify data...

6.3CVSS5.6AI score0.00031EPSS

Exploits1References8

CNNVD•added 2026/05/02 12:0 a.m.•3 views

TRENDnet TEW-821DAP 数据伪造问题漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. The version TRENDnet TEW-821DAP 1.12B01 has a vulnerability related to data falsification. This vulnerability stems from improper handling of the parameter dest in the findHWid/newGuiUpdateFirmware function within the...

8.1CVSS5.8AI score0.00031EPSS

CVE•added 2026/03/20 7:2 a.m.•5 views

CVE-2026-4478

Yi Technology YI Home Camera 2 (version 2.1.1_20171024151200) is affected by CVE-2026-4478 due to improper verification of cryptographic signatures in the HTTP Firmware Update Handler (file path: home/web/ipc). The root cause is in the firmware update flow, enabling a remote attack with high impa...

9.2CVSS6.3AI score0.00006EPSS

Exploits0References3

RedhatCVE•added 2025/10/28 4:54 p.m.•2 views

CVE-2025-12295

A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature are...

8.1CVSS6.8AI score0.00233EPSS

RedhatCVE•added 2025/10/28 4:54 p.m.•1 views

CVE-2025-12296

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be...

9.8CVSS7AI score0.00133EPSS

EUVD•added 2025/10/27 4:32 p.m.•2 views

EUVD-2025-36209

5.8CVSS6.5AI score0.00133EPSS

CVE•added 2025/10/27 4:32 p.m.•6 views

CVE-2025-12296

The CVE-2025-12296 entry affects D-Link DAP-2695 model with firmware 2.00RC13. The vulnerability arises from the function sub_4174B0 in the Firmware Update Handler, enabling os command injection due to a manipulation. It can be triggered remotely, and the exploit has been publicly disclosed. The ...

9.8CVSS5.2AI score0.00133EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/10/27 4:32 p.m.•1 views

CVE-2025-12296 D-Link DAP-2695 Firmware Update sub_4174B0 os command injection

5.8CVSS6.7AI score0.00133EPSS

Exploits1References5

CNNVD•added 2025/10/27 12:0 a.m.•1 views

D-Link DAP-2695 操作系统命令注入漏洞

The D-Link DAP-2695 is a high-performance dual-band wireless access point from China AUO D-Link. An OS command injection vulnerability exists in the D-Link DAP-2695 version 2.00RC13, which originates from the presence of os command injection in the function sub4174B0 in the Firmware Update Handle...

9.8CVSS5.5AI score0.00133EPSS

Positive Technologies•added 2025/10/27 12:0 a.m.•1 views

PT-2025-43985

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub 4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may b...

5.8CVSS7AI score0.00133EPSS

Positive Technologies•added 2025/10/27 12:0 a.m.•2 views

PT-2025-43984

A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub 40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature ar...

7.5CVSS6.8AI score0.00233EPSS

CNVD•added 2025/10/17 12:0 a.m.•1 views

D-Link DAP-2695 Operating System Command Injection Vulnerability

The D-Link DAP-2695 is a high-performance dual-band wireless access point from China's AUO D-Link. The D-Link DAP-2695 version 2.00RC131 suffers from an operating system command injection vulnerability, which originates from the failure of the function fwupdatermain of the component Firmware Upda...

9.8CVSS7.8AI score0.00311EPSS