Vulnerabilities > Trendnet

DATE CVE VULNERABILITY TITLE RISK
2021-12-30 CVE-2021-20150 Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard.
network
low complexity
trendnet CWE-306
5.3
2021-12-30 CVE-2021-20151 Session Fixation vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device.
network
low complexity
trendnet CWE-384
critical
10.0
2021-12-30 CVE-2021-20152 Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality.
network
low complexity
trendnet CWE-306
6.5
2021-12-30 CVE-2021-20153 Link Following vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality.
low complexity
trendnet CWE-59
6.8
2021-12-30 CVE-2021-20154 Cleartext Transmission of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface.
network
low complexity
trendnet CWE-319
7.5
2021-12-30 CVE-2021-20155 Use of Hard-coded Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials.
network
low complexity
trendnet CWE-798
critical
9.8
2021-12-30 CVE-2021-20156 Improper Verification of Cryptographic Signature vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update.
network
low complexity
trendnet CWE-347
6.5
2021-12-30 CVE-2021-20157 Unspecified vulnerability in Trendnet Tew-827Dru Firmware
It is possible for an unauthenticated, malicious user to force the device to reboot due to a hidden administrative command.
network
low complexity
trendnet
7.5
2021-12-30 CVE-2021-20158 Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability.
network
low complexity
trendnet CWE-306
critical
9.8
2021-12-30 CVE-2021-20159 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection.
network
low complexity
trendnet CWE-78
8.8