Browse all 3 CVE security advisories affecting Comtrend. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Comtrend primarily manufactures networking equipment, including routers and modems, for internet service providers. Historically, their devices have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and default credentials. Security researchers have frequently identified flaws in their web interfaces and firmware implementations. While no major public security incidents have been widely documented, the presence of multiple CVEs indicates ongoing security challenges in their product lines. Their devices remain targets for exploitation due to widespread deployment in consumer and small business environments, emphasizing the need for regular firmware updates and proper configuration by end users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25483 | Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k Restricted Shell Escape — AR-5310CWE-306 | 8.4 | High | 2026-03-11 |
| CVE-2024-5786 | Cross-Site Request Forgery vulnerability in Comtrend router — Comtrend WLD71-T1_v2.0.201820CWE-352 | 6.5 | Medium | 2024-06-10 |
| CVE-2024-5785 | Command injection vulnerability in Comtrend router — Comtrend WLD71-T1_v2.0.201820CWE-78 | 8.0 | High | 2024-06-10 |
This page lists every published CVE security advisory associated with Comtrend. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.