CVE-2025-25430

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-25430
Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page.
CVSS

No CVSS.

References
Link Resource
https://instinctive-acapella-fc7.notion.site/Trendnet-TEW-929DRU-XSS-17a15d9d4d2680fbb72ced0a02a64875 Exploit Third Party Advisory
https://instinctive-acapella-fc7.notion.site/Trendnet-TEW-929DRU-XSS-17a15d9d4d2680fbb72ced0a02a64875 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:trendnet:tew-929dru_firmware:1.0.0.10:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-929dru:-:*:*:*:*:*:*:*
History

21 May 2025, 16:06

Type Values Removed Values Added
References () https://instinctive-acapella-fc7.notion.site/Trendnet-TEW-929DRU-XSS-17a15d9d4d2680fbb72ced0a02a64875 - () https://instinctive-acapella-fc7.notion.site/Trendnet-TEW-929DRU-XSS-17a15d9d4d2680fbb72ced0a02a64875 - Exploit, Third Party Advisory
First Time Trendnet
Trendnet tew-929dru Firmware
Trendnet tew-929dru
CPE cpe:2.3:h:trendnet:tew-929dru:-:*:*:*:*:*:*:*
cpe:2.3:o:trendnet:tew-929dru_firmware:1.0.0.10:*:*:*:*:*:*:*

28 Feb 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-02-28 18:15

Updated : 2025-05-21 16:06

NVD link : CVE-2025-25430

Mitre link : CVE-2025-25430

JSON object : View

Products Affected

trendnet

  • tew-929dru
  • tew-929dru_firmware
CWE

No CWE.