8 matches found
TrendNet TW100-S4W1CA Cross-Site Request Forgery Vulnerability
The TrendNet TW100-S4W1CA is a four-port broadband router. A cross-site request forgery vulnerability exists in the TrendNet TW100-S4W1CA version 2.3.32. The vulnerability stems from a lack of proper session control. An attacker could exploit the vulnerability to make unauthorized changes to the...
CVE-2021-32426
In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command...
CVE-2021-32424
In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the route...
Design/Logic Flaw
In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the route...
CVE-2021-32426
In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command...
CVE-2021-32426
The connected sources confirm a Cross-Site Scripting (XSS) flaw in TrendNet TW100-S4W1CA router with firmware version 2.3.32. The vulnerability allows injecting arbitrary JavaScript into the router’s web interface via the echo command, enabling UI-scripted content execution. This is the concrete ...
TrendNet TW100-S4W1CA 跨站请求伪造漏洞
The TrendNet TW100-S4W1CA is a four-port broadband router. A cross-site request forgery vulnerability exists in the TrendNet TW100-S4W1CA version 2.3.32. The vulnerability stems from a lack of proper session control. An attacker could exploit the vulnerability to make unauthorized changes to the...
TrendNet TW100-S4W1CA 跨站脚本漏洞
The TrendNet TW100-S4W1CA is a four-port broadband router. A cross-site scripting vulnerability exists in TrendNet TW100-S4W1CA version 2.3.32. The vulnerability can be exploited to inject arbitrary JavaScript into the router's web interface via the echo command...