tew-827dru firmware · threatengine.sh

CVE-2024-36729

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

6.3MEDIUM

CVE-2024-36728

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

8.1HIGH

CVE-2024-28354

all versions

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject

10.0CRITICAL

CVE-2024-28353

all versions

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject

8.8HIGH

CVE-2021-20165

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF prot

8.8HIGH

CVE-2021-20164

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and

4.9MEDIUM

CVE-2021-20163

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and passwords for all ftp users are r

4.9MEDIUM

CVE-2021-20162

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and passwords are stored in plaintext in the

4.9MEDIUM

CVE-2021-20161

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. A malicious actor with

6.8MEDIUM

CVE-2021-20160

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The

8.8HIGH

CVE-2021-20159

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log functionality of the firmware allows

8.8HIGH

CVE-2021-20158

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated,

9.8CRITICAL

CVE-2021-20157

all versions

It is possible for an unauthenticated, malicious user to force the device to reboot due to a hidden administrative command.

7.5HIGH

CVE-2021-20156

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firm

6.5MEDIUM

CVE-2021-20155

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configu

9.8CRITICAL

CVE-2021-20154

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by d

7.5HIGH

CVE-2021-20153

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bitto

6.8MEDIUM

CVE-2021-20152

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able

6.5MEDIUM

CVE-2021-20151

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management softw

10.0CRITICAL

CVE-2021-20150

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication

5.3MEDIUM

CVE-2021-20149

all versions

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ru

9.8CRITICAL

CVE-2020-14076

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

8.8HIGH

CVE-2020-14081

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with th

8.8HIGH

CVE-2020-14080

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauth

9.8CRITICAL

CVE-2020-14079

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

8.8HIGH

CVE-2020-14078

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

8.8HIGH

CVE-2020-14077

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

8.8HIGH

CVE-2020-14075

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppo

8.8HIGH

CVE-2020-14074

<= 2.06b04

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authen

8.8HIGH

CVE-2019-13279

<= 2.04b03

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user

9.8CRITICAL

CVE-2019-13278

<= 2.04b03

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for

9.8CRITICAL

CVE-2019-13276

<= 2.04b03

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overfl

9.8CRITICAL

CVE-2019-13277

<= 2.04b03

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functiona

7.5HIGH

CVE-2019-13280

<= 2.04b03

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error mess

8.8HIGH

CVE-2019-13155

< 2.05b11