Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TRENDnet — Vulnerabilities & Security Advisories 45

Browse all 45 CVE security advisories affecting TRENDnet. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TRENDnet operates primarily as a manufacturer of consumer and small business networking hardware, including routers, switches, and IP cameras. Security audits have identified forty-five Common Vulnerabilities and Exposures (CVEs) associated with its product lines, highlighting systemic weaknesses in embedded software development. Historically, these vulnerabilities frequently manifest as remote code execution (RCE) and cross-site scripting (XSS), often stemming from inadequate input validation in web management interfaces. Privilege escalation flaws are also prevalent, allowing unauthenticated attackers to gain administrative control over devices. Notable incidents include the exploitation of default credentials and hardcoded secrets in older camera models, which facilitated large-scale botnet recruitment. The company’s security posture has faced criticism for delayed firmware updates and limited transparency regarding patch cycles. These recurring issues underscore significant challenges in securing IoT infrastructure, where resource constraints often compromise robust authentication and encryption mechanisms.

Top products by TRENDnet: TEW-657BRM TEW-811DRU TEW-821DAP TEW-652BRP TEW-822DRE TEW-800MB TEW-713RE TEW-818DRU TEW-410APB TEW-637AP TV-IP121W TI-G160i TV-IP110WN TN-200 TEW-831DR TEW-411BRP+ TEW-632BRP TEW-824DRU TI-G102i TEW-815DAP
CVE IDTitleCVSSSeverityPublished
CVE-2025-2958 TRENDnet TEW-818DRU HTTP Request httpd denial of service — TEW-818DRUCWE-404 6.5 Medium2025-03-30
CVE-2025-2957 TRENDnet TEW-411BRP+ HTTP Request httpd sub_401DB0 null pointer dereference — TEW-411BRP+CWE-476 6.5 Medium2025-03-30
CVE-2025-2956 TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference — TI-G102iCWE-476 6.5 Medium2025-03-30
CVE-2024-0920 TRENDnet TEW-822DRE POST Request admin_ping.htm command injection — TEW-822DRECWE-77 7.2 High2024-01-26
CVE-2024-0919 TRENDnet TEW-815DAP POST Request do_setNTP command injection — TEW-815DAPCWE-77 8.8 High2024-01-26
CVE-2024-0918 TRENDnet TEW-800MB POST Request os command injection — TEW-800MBCWE-78 7.2 High2024-01-26
CVE-2023-0640 TRENDnet TEW-652BRP Web Interface ping.ccp command injection — TEW-652BRPCWE-77 7.2 High2023-02-02
CVE-2023-0639 TRENDnet TEW-652BRP Web Management Interface get_set.ccp cross site scripting — TEW-652BRPCWE-79 2.4 Low2023-02-02
CVE-2023-0638 TRENDnet TEW-811DRU Web Interface command injection — TEW-811DRUCWE-77 7.2 High2023-02-02
CVE-2023-0637 TRENDnet TEW-811DRU Web Management Interface wan.asp memory corruption — TEW-811DRUCWE-119 6.5 Medium2023-02-02
CVE-2023-0618 TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption — TEW-652BRPCWE-119 7.5 High2023-02-01
CVE-2023-0617 TRENDNet TEW-811DRU httpd guestnetwork.asp buffer overflow — TEW-811DRUCWE-120 7.5 High2023-02-01
CVE-2023-0613 TRENDnet TEW-811DRU httpd security.asp memory corruption — TEW-811DRUCWE-119 7.5 High2023-02-01
CVE-2023-0612 TRENDnet TEW-811DRU httpd basic.asp buffer overflow — TEW-811DRUCWE-120 7.5 High2023-02-01
CVE-2023-0611 TRENDnet TEW-652BRP Web Management Interface get_set.ccp command injection — TEW-652BRPCWE-77 8.8 High2023-02-01

This page lists every published CVE security advisory associated with TRENDnet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.