Tew 929Dru Firmware

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-25429 MEDIUM POC This Month

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XSS Tew 929Dru Firmware
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-25428 HIGH POC This Week

TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tew 929Dru Firmware
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-25431 MEDIUM POC This Month

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the The ssid key of wifi_data parameter on the /captive_portal.htm page. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XSS Tew 929Dru Firmware
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-25430 MEDIUM POC This Month

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XSS Tew 929Dru Firmware
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-25429
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XSS Tew 929Dru Firmware
NVD
CVE-2025-25428
EPSS 0% CVSS 8.0
HIGH POC This Week

TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tew 929Dru Firmware
NVD
CVE-2025-25431
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the The ssid key of wifi_data parameter on the /captive_portal.htm page. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XSS Tew 929Dru Firmware
NVD
CVE-2025-25430
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XSS Tew 929Dru Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy