CVE-2024-51188
- EPSS 0.2%
- Published 11.11.2024 20:15:18
- Last modified 01.04.2025 18:21:05
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page.
CVE-2024-51189
- EPSS 0.2%
- Published 11.11.2024 20:15:18
- Last modified 01.04.2025 18:21:08
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the macList_Name_1.1.1.0.0 parameter on the /filters.htm page.
CVE-2024-51190
- EPSS 0.2%
- Published 11.11.2024 20:15:18
- Last modified 01.04.2025 18:21:12
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the ptRule_ApplicationName_1.1.6.0.0 parameter on the /special_ap.htm page.
CVE-2024-51187
- EPSS 0.2%
- Published 11.11.2024 20:15:17
- Last modified 01.04.2025 18:20:57
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the firewallRule_Name_1.1.1.0.0 parameter on the /firewall_setting.htm page.
CVE-2019-11400
- EPSS 1.44%
- Published 18.12.2019 15:15:11
- Last modified 21.11.2024 04:21:02
An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter.
- EPSS 4.96%
- Published 18.12.2019 15:15:10
- Last modified 21.11.2024 04:21:01
An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter.
- EPSS 78.16%
- Published 21.09.2017 16:29:00
- Last modified 20.04.2025 01:37:25
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.