Trendnet Tew-814dap_firmware
5 CVEs affecting Trendnet Tew-814dap_firmware. Latest disclosed: 2024-06-14. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-37642 | Critical | 9.1 | 2024-06-14 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck . |
CVE-2024-37645 | High | 8.8 | 2024-06-14 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog . |
CVE-2024-37643 | High | 8.8 | 2024-06-14 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth . |
CVE-2024-37641 | High | 8.8 | 2024-06-14 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule |
CVE-2024-37644 | High | 8.8 | 2024-06-14 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. |