RSS   Podatności dla 'Tew-812dru'   RSS

2014-02-04
 
CVE-2013-3365

CWE-78
 
 
TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) wan network prefix to internet/ipv6.asp; (2) remote port to adm/management.asp; (3) pptp username, (4) pptp password, (5) ip, (6) gateway, (7) l2tp username, or (8) l2tp password to internet/wan.asp; (9) NtpDstStart, (10) NtpDstEnd, or (11) NtpDstOffset to adm/time.asp; or (12) device url to adm/management.asp. NOTE: vectors 9, 10, and 11 can be exploited by unauthenticated remote attackers by leveraging CVE-2013-3098.

 
 
CVE-2013-3098

CWE-352
 
 
Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change admin credentials in a request to setSysAdm.cgi, (2) enable remote management or (3) enable port forwarding in an Apply action to uapply.cgi, or (4) have unspecified impact via a request to setNTP.cgi. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Trendnet 22 Produkty
Securview wireless internet camera activex control
Securview wireless internet camera
Tew-812dru
Tew-812dru firmware
Tv-ip422w
Tv-ip422wn
Tv-ip743sic
Tew-813dru firmware
Tew-652br firmware
Tew-711br firmware
Tew-731br firmware
Tew-651br firmware
Tew-810dr firmware
Tew-823dru firmware
Tew-751dr firmware
Tew-752dru firmware
Tew733gr firmware
Tew-673gru firmware
Tv-ip110wn firmware
Tv-ip121wn firmware
Tew-632brp firmware
Tew-827dru firmware

Copyright 2024, cxsecurity.com

 

Back to Top