INDOOR WIRELESS ACCESS POINTS BUFFER OVERFLOW AND COMMAND INJECTION VULNERABILITIES

CVE ID: CVE-2023-51146, CVE-2023-51147,CVE-2023-51148

TRENDnet is aware of the buffer overflow and command injection vulnerabilities involving

TEW-821DAP hardware version V2.xR, firmware version 3.01B02 and earlier
TEW-825DAP hardware version v1.xR, firmware version 2.02B01 and earlier
TEW-826DAP hardware version v1.xR, firmware version 2.00B08 and earlier
TEW-921DAP hardware version v1.xR, firmware version 2.13B02 and earlier

Indoor Wireless Access Point that could allow a malicious cyber attacker to take over the device and gain access to its operating system.

TRENDnet has released firmware update to address these vulnerabilities, please click on the link below to go to the product’s download page, download the latest firmware, and perform the firmware upgrade.

TEW-821DAP V2.xR

TEW-825DAP V1.xR

TEW-826DAP V1.xR

TEW-921DAP V1.xR

 

REVISION:

2/12/2024 added additional models
1/11/2024 Initial release