16 matches found
CVE-2026-4354
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub420A78 of the file applysec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. T...
EUVD-2026-12685
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub420A78 of the file applysec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. T...
CVE-2026-4354
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub420A78 of the file applysec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. T...
TRENDnet TEW-824DRU 代码注入漏洞
TRENDnet TEW-824DRU is a dual-band wireless router produced by TRENDnet Corporation. Both versions of the TRENDnet TEW-824DRU, 1.010B01 and 1.04B01, contain a code injection vulnerability. This vulnerability stems from improper handling of the Language parameter in the sub420A78 function within t...
CVE-2026-4354 TRENDnet TEW-824DRU Web apply_sec.cgi sub_420A78 cross site scripting
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub420A78 of the file applysec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. T...
CVE-2026-4354 TRENDnet TEW-824DRU Web apply_sec.cgi sub_420A78 cross site scripting
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub420A78 of the file applysec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. T...
CVE-2026-4354
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub420A78 of the file applysec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. T...
CVE-2026-4354
Summary of CVE-2026-4354 : TRENDnet TEW-824DRU devices (firmware versions 1.010B01/1.04B01) are affected. The vulnerability resides in the Web Interface component, specifically the function sub_420A78 in apply_sec.cgi, where manipulating the Language argument enables cross-site scripting (XSS). T...
PT-2026-25964
A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub 420A78 of the file apply sec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely...
The vulnerability of the sub_420AE0() function in Trendnet’s router software TEW-824DRU allows a hacker to execute arbitrary code.
The vulnerability of the sub420AE0 function in Trendnet’s router software TEW-824DRU is related to insufficient checking of arguments passed in the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the system.ntp.server parameter...
CVE-2024-22545
An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub420AE0 function. The attack can be launched remotely...
Design/Logic Flaw
An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub420AE0 function. The attack can be launched remotely...
CVE-2024-22545
TRENDnet TEW-824DRU 1.04b01 contains a vulnerability in the system.ntp.server parameter within sub_420AE0() that allows unauthenticated attackers to execute arbitrary code. The issue can be exploited remotely, according to the initial description. Public technical details in the connected documen...
PT-2024-1406 · Trendnet · Trendnet Tew-824Dru
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-824DRU version 1.04b01 Description: An issue in the TRENDnet TEW-824DRU allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub 420AE0 function. The attack can be launched remotel...
CVE-2024-22545
An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub420AE0 function. The attack can be launched remotely...
CVE-2024-22545
An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub420AE0 function. The attack can be launched remotely...