Trendnet Tew 820ap Firmware

Trendnet TEW-820AP 1.01.B01 Boa HTTPd Stack Overflow Vulnerability in IPv6 Address Handling
CVE-2024-50667 - November 11, 2024

The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks.

TrendNet TEW-820AP v1.0R 1.01.B01 Stack Overflow /formWizardPassword
CVE-2023-24099 8.8 - High - January 23, 2023

TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

TrendNet TEW-820AP v1.01.B01 Stack Overflow via /formSysLog CVE-2023-24098
CVE-2023-24098 8.8 - High - January 23, 2023

TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSysLog. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

TrendNet TEW-820AP v1.0R Stack Overflow via submit-url -> RCE
CVE-2023-24097 8.8 - High - January 23, 2023

TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formPasswordAuth. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

TrendNet TEW-820AP v1.0R Stack Overflow via newpass in formPasswordSetup
CVE-2023-24096 8.8 - High - January 23, 2023

TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the newpass parameter at /formPasswordSetup. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

TrendNet TEW-820AP v1.0R/firmware 1.01.B01 Stack Overflow via submit-url
CVE-2023-24095 8.8 - High - January 23, 2023

TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

TrendNet TEW-820AP v1.0R stack overflow via /formNewSchedule submit-url
CVE-2022-47065 8.8 - High - January 23, 2023

TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

Remote Code Execution via Stack Overflow in TrendNet TEW-820AP v1.0R fw 1.01.B01
CVE-2022-44373 8.8 - High - December 07, 2022

A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R, firmware version 1.01.B01) which may result in remote code execution.

Memory Corruption