Vulnerabilities > Trendnet > TEW 827Dru Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-20149 | Incorrect Authorization vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. | 9.8 |
| 2021-12-30 | CVE-2021-20150 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. | 5.3 |
| 2021-12-30 | CVE-2021-20151 | Session Fixation vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. | 10.0 |
| 2021-12-30 | CVE-2021-20152 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. | 6.5 |
| 2021-12-30 | CVE-2021-20153 | Link Following vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. | 6.8 |
| 2021-12-30 | CVE-2021-20154 | Cleartext Transmission of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. | 7.5 |
| 2021-12-30 | CVE-2021-20155 | Use of Hard-coded Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. | 9.8 |
| 2021-12-30 | CVE-2021-20156 | Improper Verification of Cryptographic Signature vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. | 6.5 |
| 2021-12-30 | CVE-2021-20157 | Unspecified vulnerability in Trendnet Tew-827Dru Firmware It is possible for an unauthenticated, malicious user to force the device to reboot due to a hidden administrative command. | 7.5 |
| 2021-12-30 | CVE-2021-20158 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. | 9.8 |