Tew-827dru Firmware Security Vulnerabilities and Issues — Tew-827dru Firmware CVE List

Lucene search

TrendnetTew-827dru Firmware

8 matches found

CVE•added 2020/06/15 4:15 a.m.•52 views

CVE-2020-14075

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.

9CVSS8.8AI score0.12273EPSS

CVE•added 2020/06/15 4:15 a.m.•51 views

CVE-2020-14080

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to apply_sec.cgi via the action ping_test with a sufficiently long ping_ipaddr key.

9.8CVSS9.9AI score0.03756EPSS

CVE•added 2020/06/15 4:15 a.m.•51 views

CVE-2020-14081

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.

9CVSS8.8AI score0.07475EPSS

CVE•added 2020/06/15 4:15 a.m.•50 views

CVE-2020-14077

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or set_sta_enrollee_pin_wifi0) with a sufficiently long wps_sta...

8.8CVSS8.9AI score0.03384EPSS

CVE•added 2020/06/15 4:15 a.m.•50 views

CVE-2020-14079

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action auto_up_fw (or auto_up_lp) with a sufficiently long update_file_name key.

8.8CVSS8.9AI score0.04895EPSS

CVE•added 2020/06/15 4:15 a.m.•48 views

CVE-2020-14078

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wifi_captive_portal_login with a sufficiently long REMOTE_ADDR key.

8.8CVSS8.9AI score0.0385EPSS

CVE•added 2020/06/15 4:15 a.m.•47 views

CVE-2020-14074

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long qcawifi.wifi0_vap0.maclist key.

8.8CVSS8.9AI score0.0385EPSS

CVE•added 2020/06/15 1:15 p.m.•29 views

CVE-2020-14076

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action st_dev_connect, st_dev_disconnect, or st_dev_rconnect with a sufficiently long wan_type key...

8.8CVSS8.9AI score0.06399EPSS