How severe is CVE-2019-13280?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2019-13280?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2019-13280 - HIGH Severity | CVSS 8.8

Vulnerability Description

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or traceroute attempt. This allows an authenticated user to execute arbitrary code. The exploit can be exercised on the local intranet or remotely if remote administration is enabled.

Related Vulnerabilities

CVE-2009-1532

HIGH

CVSS:8.8(High)

Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remo...

CWE-7872009

CVE-2009-3953

HIGH

CVSS:8.8(High)

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data...

CWE-7872009

CVE-2010-0127

HIGH

CVSS:8.8(High)

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave fil...

CWE-7872010

CVE-2010-0986

HIGH

CVSS:8.8(High)

Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via ...

CWE-7872010

CVE-2010-0987

HIGH

CVSS:8.8(High)

Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file.

CWE-7872010

CVE-2010-1280

HIGH

CVSS:8.8(High)

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an er...

CWE-7872010