CRITICAL🇵🇱 Wersja polska

CVE-2021-20149

CVSS 9.8v3.1pub. 2021-12-30upd. 2024-11-21

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Trendnet Tew 827dru

    HW
    Trendnet
    2.0
  • Trendnet Tew 827dru Firmware

    OS
    Trendnet
    2.08b01
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-28354CRITICAL10.0PL ✓ten sam produkt

Command injection w routerze TRENDnet TEW-827DRU — zdalny dostęp root

CVE-2021-20158CRITICAL9.8ten sam produkt

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for...

CVE-2021-20155CRITICAL9.8ten sam produkt

Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and re...

CVE-2021-20151CRITICAL10.0ten sam produkt

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The route...

CVE-2020-14080CRITICAL9.8ten sam produkt

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overf...