Trendnet Tew-827dru_firmware
42 CVEs affecting Trendnet Tew-827dru_firmware. Latest disclosed: 2024-06-03. Critical: 9, High: 24.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-28354 | Critical | 10.0 | 2024-03-15 | There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post reque… |
CVE-2021-20151 | Critical | 10.0 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management software manages web sessions base… |
CVE-2021-20158 | Critical | 9.8 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the… |
CVE-2021-20155 | Critical | 9.8 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management we… |
CVE-2021-20149 | Critical | 9.8 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to… |
CVE-2020-14080 | Critical | 9.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arb… |
CVE-2019-13279 | Critical | 9.8 | 2019-07-10 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, a… |
CVE-2019-13278 | Critical | 9.8 | 2019-07-10 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an… |
CVE-2019-13276 | Critical | 9.8 | 2019-07-10 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated… |
CVE-2024-28353 | High | 8.8 | 2024-03-15 | There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post reque… |
CVE-2021-20165 | High | 8.8 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF protections or mitigations. Addit… |
CVE-2021-20160 | High | 8.8 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when… |
CVE-2021-20159 | High | 8.8 | 2021-12-30 | Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log functionality of the firmware allows for command injection as roo… |
CVE-2020-14076 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbit… |
CVE-2020-14081 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_pa… |
CVE-2020-14079 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbit… |
CVE-2020-14078 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbit… |
CVE-2020-14077 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbit… |
CVE-2020-14075 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect wi… |
CVE-2020-14074 | High | 8.8 | 2020-06-15 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbit… |