Cross-Site Request Forgery Vulnerabilities in TRENDnet TEW-812DRU Router
CVE-2013-3098

Currently unrated

Key Information:

Vendor: Trendnet
Status: Tew-812dru Firmware; Tew-812dru
Vendor: CVE Published:; 4 February 2014

What is CVE-2013-3098?

The TRENDnet TEW-812DRU router is susceptible to multiple cross-site request forgery (CSRF) vulnerabilities which allow remote attackers to manipulate the device’s administrative settings. Attackers can trick administrators into submitting requests that change crucial settings, including admin credentials, enable remote management, or modify port forwarding configurations. These vulnerabilities can seriously compromise the device's security, leading to unauthorized access and control if not addressed.

References

http://osvdb.org/95803

vdb-entryx_refsource_OSVDB

http://securityevaluators.com/content/case-studies/router...

x_refsource_MISC

http://securityevaluators.com/knowledge/case_studies/rout...

x_refsource_MISC

Timeline

Vulnerability published
Feb 4, 2014
Vulnerability Reserved
Apr 17, 2013

Trendnet

What is CVE-2013-3098?

References

Timeline