Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TRENDNet — Vulnerabilities & Security Advisories 45

Browse all 45 CVE security advisories affecting TRENDNet. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TRENDnet operates primarily as a manufacturer of consumer and small business networking hardware, including routers, switches, and IP cameras. Security audits have identified forty-five Common Vulnerabilities and Exposures (CVEs) associated with its product lines, highlighting systemic weaknesses in embedded software development. Historically, these vulnerabilities frequently manifest as remote code execution (RCE) and cross-site scripting (XSS), often stemming from inadequate input validation in web management interfaces. Privilege escalation flaws are also prevalent, allowing unauthenticated attackers to gain administrative control over devices. Notable incidents include the exploitation of default credentials and hardcoded secrets in older camera models, which facilitated large-scale botnet recruitment. The company’s security posture has faced criticism for delayed firmware updates and limited transparency regarding patch cycles. These recurring issues underscore significant challenges in securing IoT infrastructure, where resource constraints often compromise robust authentication and encryption mechanisms.

Top products by TRENDNet: TEW-657BRM TEW-811DRU TEW-821DAP TEW-652BRP TEW-822DRE TEW-800MB TEW-713RE TEW-818DRU TEW-410APB TEW-637AP TV-IP121W TI-G160i TV-IP110WN TN-200 TEW-831DR TEW-411BRP+ TEW-632BRP TEW-824DRU TI-G102i TEW-815DAP
CVE IDTitleCVSSSeverityPublished
CVE-2026-7611 TRENDnet TEW-821DAP Firmware Update cameo_dev.sh platform_do_upgrade_cameo_dev data authenticity — TEW-821DAPCWE-345 3.7 Low2026-05-02
CVE-2026-7610 TRENDnet TEW-821DAP Firmware Update ssi cleartext transmission — TEW-821DAPCWE-319 3.7 Low2026-05-02
CVE-2026-7609 TRENDnet TEW-821DAP Firmware Udpate diagnostic tools_diagnostic os command injection — TEW-821DAPCWE-78 6.3 Medium2026-05-02
CVE-2026-7608 TRENDnet TEW-821DAP tools_diagnostic os command injection — TEW-821DAPCWE-78 5.5 Medium2026-05-02
CVE-2026-7607 TRENDnet TEW-821DAP Firmware Udpate auto_update_firmware buffer overflow — TEW-821DAPCWE-120 8.8 High2026-05-02
CVE-2026-7606 TRENDnet TEW-821DAP Firmware Update new_gui_update_firmware data authenticity — TEW-821DAPCWE-345 3.7 Low2026-05-02
CVE-2026-5355 Trendnet TEW-657BRM setup.cgi vpn_drop os command injection — TEW-657BRMCWE-78 6.3 Medium2026-04-02
CVE-2026-5354 Trendnet TEW-657BRM setup.cgi vpn_connect os command injection — TEW-657BRMCWE-78 6.3 Medium2026-04-02
CVE-2026-5353 Trendnet TEW-657BRM setup.cgi ping_test os command injection — TEW-657BRMCWE-78 6.3 Medium2026-04-02
CVE-2026-5352 Trendnet TEW-657BRM setup.cgi edit os command injection — TEW-657BRMCWE-78 6.3 Medium2026-04-02
CVE-2026-5351 Trendnet TEW-657BRM setup.cgi add_wps_client os command injection — TEW-657BRMCWE-78 6.3 Medium2026-04-02
CVE-2026-5350 Trendnet TEW-657BRM setup.cgi update_pcdb stack-based overflow — TEW-657BRMCWE-121 8.8 High2026-04-02
CVE-2026-5349 Trendnet TEW-657BRM setup.cgi add_apcdb stack-based overflow — TEW-657BRMCWE-121 8.8 High2026-04-02
CVE-2026-5184 TRENDnet TEW-713RE setSysAdm command injection — TEW-713RECWE-77 6.3 Medium2026-03-31
CVE-2026-5183 TRENDnet TEW-713RE addRouting sub_421494 command injection — TEW-713RECWE-77 6.3 Medium2026-03-31
CVE-2026-4354 TRENDnet TEW-824DRU Web apply_sec.cgi sub_420A78 cross site scripting — TEW-824DRUCWE-79 3.5 Low2026-03-17
CVE-2026-4172 TRENDnet TEW-632BRP HTTP POST Request ping_response.cgi stack-based overflow — TEW-632BRPCWE-121 7.2 High2026-03-15
CVE-2025-15472 TRENDnet TEW-811DRU httpd  uapply.cgi setDeviceURL  os command injection — TEW-811DRUCWE-78 7.2 High2026-01-06
CVE-2025-15471 TRENDnet TEW-713RE formFSrvX os command injection — TEW-713RECWE-78 9.8 Critical2026-01-06
CVE-2025-15139 TRENDnet TEW-822DRE formWsc sub_43ACF4  command injection — TEW-822DRECWE-77 6.3 Medium2025-12-28
CVE-2025-15137 TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934  command injection — TEW-800MBCWE-77 8.8 High2025-12-28
CVE-2025-15136 TRENDnet TEW-800MB Management wizardset do_setWizard_asp command injection — TEW-800MBCWE-77 8.8 High2025-12-28
CVE-2025-10107 TRENDnet TEW-831DR formSysCmd command injection — TEW-831DRCWE-77 4.7 Medium2025-09-09
CVE-2025-8759 TRENDnet TN-200 Lighttpd hard-coded key — TN-200CWE-321 3.7 Low2025-08-09
CVE-2025-8758 TRENDnet TEW-822DRE vsftpd least privilege violation — TEW-822DRECWE-272 7.0 High2025-08-09
CVE-2025-8757 TRENDnet TV-IP110WN Embedded Boa Web Server boa.conf least privilege violation — TV-IP110WNCWE-272 7.0 High2025-08-09
CVE-2025-8731 TRENDnet TI-G160i/TI-PG102i/TPL-430AP SSH Service default credentials — TI-G160iCWE-1392 9.8 Critical2025-08-08
CVE-2025-5870 TRENDnet TV-IP121W Web Interface setup.cgi improper authentication — TV-IP121WCWE-287 7.3 High2025-06-09
CVE-2025-2960 TRENDnet TEW-637AP/TEW-638APB HTTP Request goahead sub_41DED0 null pointer dereference — TEW-637APCWE-476 6.5 Medium2025-03-30
CVE-2025-2959 TRENDnet TEW-410APB HTTP Request httpd sub_4019A0 null pointer dereference — TEW-410APBCWE-476 6.5 Medium2025-03-30

This page lists every published CVE security advisory associated with TRENDNet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.