Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tew\-673gru_firmware
(Trendnet)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-12-20 | CVE-2018-19242 | Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication). | Tew\-632brp_firmware, Tew\-673gru_firmware | 8.8 | ||
| 2018-12-20 | CVE-2018-19239 | TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vulnerability in the start_arpping function of the timer binary, which allows remote attackers to execute arbitrary commands via three parameters (dhcpd_start, dhcpd_end, and lan_ipaddr) passed to the apply.cgi binary through a POST request. | Tew\-673gru_firmware | 7.2 |