Trendnet : Security Vulnerabilities, CVEs, (Bypass)
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection. No username or password is required and the user is given a root shell with full control of the device.
Max CVSS
7.2
EPSS Score
0.06%
Published
2021-12-30
Updated
2022-07-12
TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
Max CVSS
7.5
EPSS Score
0.18%
Published
2018-02-14
Updated
2020-08-24
TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.
Max CVSS
9.0
EPSS Score
0.11%
Published
2017-04-10
Updated
2017-04-14
CVE-2015-1187
Known exploited
Public exploit
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
Max CVSS
10.0
EPSS Score
93.83%
Published
2017-09-21
Updated
2023-11-08
CISA KEV Added
2022-03-25
TRENDnet TS-S402 has a backdoor to enable TELNET.
Max CVSS
7.5
EPSS Score
0.09%
Published
2020-02-13
Updated
2020-02-26
Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.
Max CVSS
10.0
EPSS Score
0.24%
Published
2019-11-13
Updated
2020-02-10
6 vulnerabilities found