28 matches found
TRENDnet TEW-800MB Command Injection Vulnerability
The TRENDnet TEW-800MB is a dual-band wireless router from TRENDnet. The TRENDnet TEW-800MB suffers from a command injection vulnerability that originates from a misbehavior of the parameter WizardConfigured in the file /goform/wizardset, which can be exploited by an attacker to execute arbitrary...
TRENDnet TEW-800MB Command Injection Vulnerability
The TRENDnet TEW-800MB is a dual-band wireless router from TRENDnet. The TRENDnet TEW-800MB suffers from a command injection vulnerability that originates from a misbehavior of the function subF934 in the file NTPSyncWithHost.cgi, which can be exploited by an attacker to execute arbitrary command...
CVE-2025-15137
A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contact...
EUVD-2025-205509
A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...
EUVD-2025-205511
A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...
CVE-2025-15137
A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...
CVE-2025-15137
A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...
CVE-2025-15136
A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...
CVE-2025-15136
A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...
CVE-2025-15137
TRENDnet TEW-800MB (version 1.0.1.0) is affected by a vulnerability in NTPSyncWithHost.cgi, within the sub_F934 function, enabling remote command injection. This vulnerability can impact confidentiality, integrity, and availability (high impact per sources) and is reachable over the network with ...
CVE-2025-15137 TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934 command injection
A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...
CVE-2025-15136
TRENDnet TEW-800MB (firmware 1.0.1.0) contains a command injection flaw in the Management Interface. The affected function is do_setWizard_asp in /goform/wizardset, where manipulating the WizardConfigured argument can trigger arbitrary command execution. The issue is exploitable remotely over the...
CVE-2025-15136 TRENDnet TEW-800MB Management wizardset do_setWizard_asp command injection
A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...
CVE-2025-15136 TRENDnet TEW-800MB Management wizardset do_setWizard_asp command injection
A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...
TRENDnet TEW-800MB 命令注入漏洞
The TRENDnet TEW-800MB is a dual-band wireless router from TRENDnet. The TRENDnet TEW-800MB suffers from a command injection vulnerability that originates from a misbehavior of the function subF934 in the file NTPSyncWithHost.cgi, which can be exploited by an attacker to execute arbitrary command...
TRENDnet TEW-800MB 命令注入漏洞
The TRENDnet TEW-800MB is a dual-band wireless router from TRENDnet. The TRENDnet TEW-800MB suffers from a command injection vulnerability that originates from a misbehavior of the parameter WizardConfigured in the file /goform/wizardset, which can be exploited by an attacker to execute arbitrary...
PT-2025-53627
Name of the Vulnerable Software and Affected Versions TRENDnet TEW-800MB version 1.0.1.0 Description A security issue has been identified in TRENDnet TEW-800MB version 1.0.1.0. The issue resides in the Management Interface component, specifically within the do setWizard asp function located in th...
PT-2025-53628
Name of the Vulnerable Software and Affected Versions TRENDnet TEW-800MB version 1.0.1.0 Description A command injection issue exists in the TRENDnet TEW-800MB. The issue is located in the NTPSyncWithHost.cgi file, specifically within the sub F934 function. Successful exploitation allows for remo...
CVE-2024-0918
A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument DeviceURL leads to os command injection. The attack may be launched remotely. The exploi...
The vulnerability of the POST Request Handler component in Trendnet’s microprogrammed routing software TEW-800MB allows a attacker to execute arbitrary commands.
The vulnerability of the POST Request Handler component in Trendnet’s TEW-800MB router software lies in insufficient validation of the DeviceURL parameter used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands or cause service...