Trendnet Tew-820Ap Firmware vulnerabilities
8 known vulnerabilities affecting trendnet/tew-820ap_firmware.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH7
Vulnerabilities
Page 1 of 1
CVE-2024-50667P2CRITICALCVSS 9.8v1.01.b012024-11-11
CVE-2024-50667 [CRITICAL] CWE-120 CVE-2024-50667: The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6A
The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks.
nvd
CVE-2022-44373P3HIGHCVSS 8.8v1.01.b012022-12-07
CVE-2022-44373 [HIGH] CWE-787 CVE-2022-44373: A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R
A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R, firmware version 1.01.B01) which may result in remote code execution.
nvd
CVE-2023-24096P3HIGHCVSS 8.8v1.01.b012023-01-23
CVE-2023-24096 [HIGH] CWE-787 CVE-2023-24096: TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
nvd
CVE-2022-47065P3HIGHCVSS 8.8v1.01.b012023-01-23
CVE-2022-47065 [HIGH] CWE-787 CVE-2022-47065: TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
nvd
CVE-2023-24099P3HIGHCVSS 8.8v1.01.b012023-01-23
CVE-2023-24099 [HIGH] CWE-787 CVE-2023-24099: TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
nvd
CVE-2023-24097P3HIGHCVSS 8.8v1.01.b012023-01-23
CVE-2023-24097 [HIGH] CWE-787 CVE-2023-24097: TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
nvd
CVE-2023-24095P3HIGHCVSS 8.8v1.01.b012023-01-23
CVE-2023-24095 [HIGH] CWE-787 CVE-2023-24095: TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
nvd
CVE-2023-24098P3HIGHCVSS 8.8v1.01.b012023-01-23
CVE-2023-24098 [HIGH] CWE-787 CVE-2023-24098: TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to cont
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
nvd