Tew 713Re
Monthly
Remote command injection in TRENDnet TEW-713RE firmware up to version 1.02 allows authenticated remote attackers to execute arbitrary commands via the admuser parameter in the /goform/setSysAdm endpoint. Publicly available exploit code exists, and the vendor has not responded to early disclosure attempts, leaving all affected devices without a vendor-released patch.
Command injection in TRENDnet TEW-713RE firmware up to version 1.02 allows authenticated remote attackers to execute arbitrary commands via manipulation of the dest parameter in the /goform/addRouting function. The vulnerability has a CVSS score of 6.3 and publicly available exploit code exists; the vendor has not responded to early disclosure attempts, leaving affected devices without an official patch.
Remote command injection in TRENDnet TEW-713RE firmware up to version 1.02 allows authenticated remote attackers to execute arbitrary commands via the admuser parameter in the /goform/setSysAdm endpoint. Publicly available exploit code exists, and the vendor has not responded to early disclosure attempts, leaving all affected devices without a vendor-released patch.
Command injection in TRENDnet TEW-713RE firmware up to version 1.02 allows authenticated remote attackers to execute arbitrary commands via manipulation of the dest parameter in the /goform/addRouting function. The vulnerability has a CVSS score of 6.3 and publicly available exploit code exists; the vendor has not responded to early disclosure attempts, leaving affected devices without an official patch.