Skip to main content

Tw100 S4W1Ca Firmware

2 CVEs product

Monthly

CVE-2021-32426 MEDIUM POC This Month

In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tw100 S4W1Ca Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-32424 HIGH This Week

In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Tw100 S4W1Ca Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tw100 S4W1Ca Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Tw100 S4W1Ca Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy