Lucene search
K

8 matches found

CNVD
CNVD
added 2021/06/18 12:0 a.m.7 views

TrendNet TW100-S4W1CA Cross-Site Request Forgery Vulnerability

The TrendNet TW100-S4W1CA is a four-port broadband router. A cross-site request forgery vulnerability exists in the TrendNet TW100-S4W1CA version 2.3.32. The vulnerability stems from a lack of proper session control. An attacker could exploit the vulnerability to make unauthorized changes to the...

8.8CVSS6.6AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2021/06/17 10:15 p.m.4 views

CVE-2021-32426

In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command...

6.1CVSS6.5AI score0.00782EPSS
Exploits1References1
OSV
OSV
added 2021/06/17 10:15 p.m.2 views

CVE-2021-32424

In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the route...

8.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/06/17 10:15 p.m.12 views

Design/Logic Flaw

In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the route...

6.8CVSS8.4AI score0.00379EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/17 9:49 p.m.17 views

CVE-2021-32426

In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command...

6.5AI score0.00782EPSS
Exploits1References1
CVE
CVE
added 2021/06/17 9:49 p.m.77 views

CVE-2021-32426

The connected sources confirm a Cross-Site Scripting (XSS) flaw in TrendNet TW100-S4W1CA router with firmware version 2.3.32. The vulnerability allows injecting arbitrary JavaScript into the router’s web interface via the echo command, enabling UI-scripted content execution. This is the concrete ...

6.1CVSS6.2AI score0.00782EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/06/17 12:0 a.m.2 views

TrendNet TW100-S4W1CA 跨站请求伪造漏洞

The TrendNet TW100-S4W1CA is a four-port broadband router. A cross-site request forgery vulnerability exists in the TrendNet TW100-S4W1CA version 2.3.32. The vulnerability stems from a lack of proper session control. An attacker could exploit the vulnerability to make unauthorized changes to the...

8.8CVSS5.5AI score0.00379EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/17 12:0 a.m.4 views

TrendNet TW100-S4W1CA 跨站脚本漏洞

The TrendNet TW100-S4W1CA is a four-port broadband router. A cross-site scripting vulnerability exists in TrendNet TW100-S4W1CA version 2.3.32. The vulnerability can be exploited to inject arbitrary JavaScript into the router's web interface via the echo command...

6.1CVSS5.4AI score0.00782EPSS
Exploits1References2
Rows per page
Query Builder