Trendnet Tew-827Dru Firmware vulnerabilities
41 known vulnerabilities affecting trendnet/tew-827dru_firmware.
Total CVEs
41
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL9HIGH23MEDIUM9
Vulnerabilities
Page 2 of 3
CVE-2020-14077P3HIGHCVSS 8.8≤ 2.06b042020-06-15
CVE-2020-14077 [HIGH] CWE-787 CVE-2020-14077: TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or set_sta_enrollee_pin_wifi0) with a sufficiently long wps_sta_enrollee_pin key.
nvd
CVE-2020-14074P3HIGHCVSS 8.8≤ 2.06b042020-06-15
CVE-2020-14074 [HIGH] CWE-787 CVE-2020-14074: TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long qcawifi.wifi0_vap0.maclist key.
nvd
CVE-2020-14078P3HIGHCVSS 8.8≤ 2.06b042020-06-15
CVE-2020-14078 [HIGH] CWE-787 CVE-2020-14078: TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wifi_captive_portal_login with a sufficiently long REMOTE_ADDR key.
nvd
CVE-2019-13149P3HIGHCVSS 8.8fixed in 2.05b112019-07-02
CVE-2019-13149 [HIGH] CWE-78 CVE-2019-13149: An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the key passwd in Routing RIP Settings.
nvd
CVE-2019-13155P3HIGHCVSS 8.8fixed in 2.05b112019-07-02
CVE-2019-13155 [HIGH] CWE-78 CVE-2019-13155: An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the IP Address in Add Virtual Server.
nvd
CVE-2019-13153P3HIGHCVSS 8.8fixed in 2.05b112019-07-02
CVE-2019-13153 [HIGH] CWE-78 CVE-2019-13153: An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the Private Port in Add Virtual Server.
nvd
CVE-2019-13152P3HIGHCVSS 8.8fixed in 2.05b112019-07-02
CVE-2019-13152 [HIGH] CWE-77 CVE-2019-13152: An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the IP Address in Add Gaming Rule.
nvd
CVE-2019-13154P3HIGHCVSS 8.8fixed in 2.05b112019-07-02
CVE-2019-13154 [HIGH] CWE-78 CVE-2019-13154: An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the TCP Ports To Open in Add Gaming Rule.
nvd
CVE-2019-13280P3HIGHCVSS 8.8≤ 2.04b032019-07-09
CVE-2019-13280 [HIGH] CWE-787 CVE-2019-13280: TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can be exercised on the local intranet or remotely if remote
nvd
CVE-2019-13148P3HIGHCVSS 8.8fixed in 2.05b112019-07-02
CVE-2019-13148 [HIGH] CWE-77 CVE-2019-13148: An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the UDP Ports To Open in Add Gaming Rule.
nvd
CVE-2024-36729P3MEDIUMCVSS 6.3≤ 2.06b042024-06-03
CVE-2024-36729 [MEDIUM] CWE-121 CVE-2024-36729: TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently long reboot_type key.
nvd
CVE-2019-13277P3HIGHCVSS 7.5≤ 2.04b032019-07-09
CVE-2019-13277 [HIGH] CVE-2019-13277: TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the local intranet or remotely if remote administration is enabled.
nvd
CVE-2021-20165P3HIGHCVSS 8.8v2.08b012021-12-30
CVE-2021-20165 [HIGH] CWE-352 CVE-2021-20165: Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages
Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF protections or mitigations. Additionally, pages that do make use of CSRF tokens are trivially bypassable as the server does not appear to validate them properly (i.e. re-using an old token or finding the token thru some other me
nvd
CVE-2021-20152P3MEDIUMCVSS 6.5v2.08b012021-12-30
CVE-2021-20152 [MEDIUM] CWE-306 CVE-2021-20152: Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionali
Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able to visit and modify settings and files via the Bittorent web client by visiting: http://192.168.10.1:9091/transmission/web/
nvd
CVE-2021-20154P3HIGHCVSS 7.5v2.08b012021-12-30
CVE-2021-20154 [HIGH] CWE-319 CVE-2021-20154: Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by default. This results in cleartext transmission of sensitive information such as passwords.
nvd
CVE-2021-20156P3MEDIUMCVSS 6.5v2.08b012021-12-30
CVE-2021-20156 [MEDIUM] CWE-347 CVE-2021-20156: Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that co
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes fi
nvd
CVE-2021-20153P4MEDIUMCVSS 6.8v2.08b012021-12-30
CVE-2021-20153 [MEDIUM] CWE-59 CVE-2021-20153: Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functi
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious symlink on it that the bittorrent client can write downloa
nvd
CVE-2021-20161P4MEDIUMCVSS 6.8v2.08b012021-12-30
CVE-2021-20161 [MEDIUM] CWE-287 CVE-2021-20161: Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functio
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection. No username or password is required and the user is given a root shell with full control of the device.
nvd
CVE-2021-20162P4MEDIUMCVSS 4.9v2.08b012021-12-30
CVE-2021-20162 [MEDIUM] CWE-312 CVE-2021-20162: Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and passwords
Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and passwords are stored in plaintext in the config files on the device. For example, /etc/config/cameo contains the admin password in plaintext.
nvd
CVE-2021-20164P4MEDIUMCVSS 4.9v2.08b012021-12-30
CVE-2021-20164 [MEDIUM] CWE-522 CVE-2021-20164: Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionalit
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page.
nvd