Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for Trend Micro Home Network Security by Trend Micro
CVE-2021-32459 (GCVE-0-2021-32459)
Vulnerability from cvelistv5 – Published: 2021-05-27 10:42 – Updated: 2024-08-03 23:17
VLAI
Summary
Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability.
Severity
No CVSS data available.
CWE
- Hard Coded Password
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.6.604 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.6.604 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Hard Coded Password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T10:32:27.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-32459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.6.604 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Hard Coded Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-32459",
"datePublished": "2021-05-27T10:42:55.000Z",
"dateReserved": "2021-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:17:29.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32458 (GCVE-0-2021-32458)
Vulnerability from cvelistv5 – Published: 2021-05-27 10:34 – Updated: 2024-08-03 23:17
VLAI
Summary
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.
Severity
No CVSS data available.
CWE
- iotcl Stack-Based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.6.604 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.6.604 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "iotcl Stack-Based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T10:32:27.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-32458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.6.604 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "iotcl Stack-Based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-32458",
"datePublished": "2021-05-27T10:34:17.000Z",
"dateReserved": "2021-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:17:29.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32457 (GCVE-0-2021-32457)
Vulnerability from cvelistv5 – Published: 2021-05-26 13:45 – Updated: 2024-08-03 23:17
VLAI
Summary
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.
Severity
No CVSS data available.
CWE
- iotcl Stack-Based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.6.604 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.6.604 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "iotcl Stack-Based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T10:32:27.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-32457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.6.604 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "iotcl Stack-Based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-32457",
"datePublished": "2021-05-26T13:45:17.000Z",
"dateReserved": "2021-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:17:29.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31518 (GCVE-0-2021-31518)
Vulnerability from cvelistv5 – Published: 2021-05-05 15:05 – Updated: 2024-08-03 23:03
VLAI
Summary
Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517.
Severity
No CVSS data available.
CWE
- File-Parsing DOS
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.5.599 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.5.599 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File-Parsing DOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-05T15:05:03.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-31518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.5.599 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File-Parsing DOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-31518",
"datePublished": "2021-05-05T15:05:03.000Z",
"dateReserved": "2021-04-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:03:33.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31517 (GCVE-0-2021-31517)
Vulnerability from cvelistv5 – Published: 2021-05-05 15:04 – Updated: 2024-08-03 23:03
VLAI
Summary
Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518.
Severity
No CVSS data available.
CWE
- File-Parsing DOS
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.5.599 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.5.599 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File-Parsing DOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-05T15:04:56.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-31517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.5.599 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File-Parsing DOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-31517",
"datePublished": "2021-05-05T15:04:56.000Z",
"dateReserved": "2021-04-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:03:33.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32459 (GCVE-0-2021-32459)
Vulnerability from nvd – Published: 2021-05-27 10:42 – Updated: 2024-08-03 23:17
VLAI
Summary
Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability.
Severity
No CVSS data available.
CWE
- Hard Coded Password
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.6.604 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.6.604 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Hard Coded Password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T10:32:27.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-32459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.6.604 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Hard Coded Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-32459",
"datePublished": "2021-05-27T10:42:55.000Z",
"dateReserved": "2021-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:17:29.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32458 (GCVE-0-2021-32458)
Vulnerability from nvd – Published: 2021-05-27 10:34 – Updated: 2024-08-03 23:17
VLAI
Summary
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.
Severity
No CVSS data available.
CWE
- iotcl Stack-Based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.6.604 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.6.604 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "iotcl Stack-Based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T10:32:27.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-32458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.6.604 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "iotcl Stack-Based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-32458",
"datePublished": "2021-05-27T10:34:17.000Z",
"dateReserved": "2021-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:17:29.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32457 (GCVE-0-2021-32457)
Vulnerability from nvd – Published: 2021-05-26 13:45 – Updated: 2024-08-03 23:17
VLAI
Summary
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.
Severity
No CVSS data available.
CWE
- iotcl Stack-Based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.6.604 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.6.604 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "iotcl Stack-Based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T10:32:27.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-32457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.6.604 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "iotcl Stack-Based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10337"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-32457",
"datePublished": "2021-05-26T13:45:17.000Z",
"dateReserved": "2021-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:17:29.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31518 (GCVE-0-2021-31518)
Vulnerability from nvd – Published: 2021-05-05 15:05 – Updated: 2024-08-03 23:03
VLAI
Summary
Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517.
Severity
No CVSS data available.
CWE
- File-Parsing DOS
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.5.599 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.5.599 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File-Parsing DOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-05T15:05:03.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-31518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.5.599 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File-Parsing DOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-31518",
"datePublished": "2021-05-05T15:05:03.000Z",
"dateReserved": "2021-04-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:03:33.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31517 (GCVE-0-2021-31517)
Vulnerability from nvd – Published: 2021-05-05 15:04 – Updated: 2024-08-03 23:03
VLAI
Summary
Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518.
Severity
No CVSS data available.
CWE
- File-Parsing DOS
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpcenter.trendmicro.com/en-us/article/T… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro Home Network Security |
Affected:
6.5.599 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Home Network Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.5.599 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File-Parsing DOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-05T15:04:56.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-31517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Home Network Security",
"version": {
"version_data": [
{
"version_value": "6.5.599 and below"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File-Parsing DOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312",
"refsource": "MISC",
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-31517",
"datePublished": "2021-05-05T15:04:56.000Z",
"dateReserved": "2021-04-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:03:33.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}