Tew-632brp Firmware Security Vulnerabilities and Issues — Tew-632brp Firmware CVE List

Lucene search

TrendnetTew-632brp Firmware

6 matches found

CVE•added 2020/03/07 1:15 a.m.•163 views

CVE-2020-10213

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.

9CVSS9AI score0.04554EPSS

CVE•added 2020/03/07 1:15 a.m.•161 views

CVE-2020-10215

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.

9CVSS9AI score0.04109EPSS

CVE•added 2020/03/07 1:15 a.m.•161 views

CVE-2020-10216

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.

9CVSS9AI score0.04583EPSS

CVE•added 2018/12/20 11:29 p.m.•35 views

CVE-2018-19242

Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).

8.8CVSS8.8AI score0.0288EPSS

CVE•added 2025/01/27 3:15 p.m.•35 views

CVE-2024-57590

TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntp_sync.cgi",which allows remote attackers to execute arbitrary commands via parameter "ntp_server" passed to the "ntp_sync.cgi" binary through a POST request.

9.8CVSS8.5AI score0.0031EPSS

CVE•added 2019/04/22 11:29 a.m.•26 views

CVE-2019-11418

apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.

9.8CVSS9.6AI score0.00459EPSS