CVE-2026-5353

A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function pingtest of the file /setup.cgi. Performing a manipulation of the argument c4IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The...

CVE-2026-5353 Trendnet TEW-657BRM setup.cgi ping_test os command injection

A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function pingtest of the file /setup.cgi. Performing a manipulation of the argument c4IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The...

VulnCheck KEV: CVE-2020-14080

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...

EUVD-2025-13242

Malicious code in bioql PyPI...

The vulnerability of the ping_test() function in the adm.cgi script of the Wavlink WL-WN530H4 router software allows a hacker to execute arbitrary commands.

The vulnerability of the pingtest function in the adm.cgi script of the Wavlink WL-WN530H4 router software is related to the lack of data cleaning at the control level when processing the pingIp parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2021-28841

Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to applycgi via an action pingtest without a pingipaddr key...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44868

CVE-2025-44868 affects Wavlink WL-WN530H4 (version 20220801). The ping_test function in adm.cgi is exploitable via the pingIp parameter, enabling arbitrary command execution through crafted requests to /adm.cgi. The CVSSv3.1 vector is NETWORK/LOW/None/High impact across confidentiality, integrity...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2021-28841

Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to applycgi via an action pingtest without a pingipaddr key...

CVE-2020-14080

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...

CVE-2020-14080

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...

Stack overflow

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...

CVE-2020-14080

Trendnet TEW-827DRU devices up to firmware version 2.06B04 are affected by a stack-based buffer overflow in the ssi binary. An unauthenticated attacker can cause arbitrary code execution by sending a specially crafted POST to apply_sec.cgi with action ping_test and a long ping_ipaddr value. The i...

CVE-2020-14080

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...