Filtered by vendor Trendnet Subscriptions
Total 168 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-37644 1 Trendnet 2 Tew-814dap, Tew-814dap Firmware 2025-05-27 8.8 High
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
CVE-2024-37641 1 Trendnet 2 Tew-814dap, Tew-814dap Firmware 2025-05-27 8.8 High
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule
CVE-2024-37642 1 Trendnet 2 Tew-814dap, Tew-814dap Firmware 2025-05-27 9.1 Critical
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck .
CVE-2024-37643 1 Trendnet 2 Tew-814dap, Tew-814dap Firmware 2025-05-27 8.8 High
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth .
CVE-2024-37645 1 Trendnet 2 Tew-814dap, Tew-814dap Firmware 2025-05-27 8.8 High
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog .
CVE-2025-25523 1 Trendnet 2 Teg-40128, Teg-40128 Firmware 2025-05-23 5.9 Medium
Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related to the mobile access point setup operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability.
CVE-2025-25429 1 Trendnet 2 Tew-929dru, Tew-929dru Firmware 2025-05-21 4.8 Medium
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page.
CVE-2025-25428 1 Trendnet 2 Tew-929dru, Tew-929dru Firmware 2025-05-21 8 High
TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
CVE-2025-25430 1 Trendnet 2 Tew-929dru, Tew-929dru Firmware 2025-05-21 4.8 Medium
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page.
CVE-2025-25431 1 Trendnet 2 Tew-929dru, Tew-929dru Firmware 2025-04-30 4.8 Medium
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the The ssid key of wifi_data parameter on the /captive_portal.htm page.
CVE-2022-44373 1 Trendnet 2 Tew-820ap, Tew-820ap Firmware 2025-04-23 8.8 High
A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R, firmware version 1.01.B01) which may result in remote code execution.
CVE-2013-4659 2 Asus, Trendnet 4 Rt-ac66u, Rt-ac66u Firmware, Tew-812dru and 1 more 2025-04-20 N/A
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.
CVE-2015-2880 1 Trendnet 1 Tv-ip743sic 2025-04-20 N/A
TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.
CVE-2025-2960 1 Trendnet 4 Tew-637ap, Tew-637ap Firmware, Tew-638apb and 1 more 2025-04-15 6.5 Medium
A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub_41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-2959 1 Trendnet 2 Tew-410apb, Tew-410apb Firmware 2025-04-15 6.5 Medium
A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub_4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2022-46600 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2025-04-14 9.8 Critical
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin parameter in the action set_sta_enrollee_pin_24g function.
CVE-2014-10011 1 Trendnet 2 Tv-ip422w, Tv-ip422wn 2025-04-12 N/A
Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Control (UltraCamX.ocx) for the TRENDnet SecurView camera TV-IP422WN allows remote attackers to execute arbitrary code via a long string to the (1) CGI_ParamSet, (2) OpenFileDlg, (3) SnapFileName, (4) Password, (5) SetCGIAPNAME, (6) AccountCode, or (7) RemoteHost function.
CVE-2022-46582 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2025-04-11 9.8 Critical
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function.
CVE-2022-46581 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2025-04-11 9.8 Critical
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_target parameter in the tools_nslookup function.
CVE-2022-46580 1 Trendnet 2 Tew-755ap, Tew-755ap Firmware 2025-04-11 9.8 Critical
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the user_edit_page parameter in the wifi_captive_portal function.