Vulnerabilities > Trendnet > TEW 827Dru Firmware > 2.08b01

DATE CVE VULNERABILITY TITLE RISK
2021-12-30 CVE-2021-20160 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device.
network
low complexity
trendnet CWE-78
8.8
2021-12-30 CVE-2021-20161 Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality.
low complexity
trendnet CWE-306
6.8
2021-12-30 CVE-2021-20162 Cleartext Storage of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext.
network
low complexity
trendnet CWE-312
4.9
2021-12-30 CVE-2021-20163 Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page.
network
low complexity
trendnet CWE-522
4.9
2021-12-30 CVE-2021-20164 Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device.
network
low complexity
trendnet CWE-522
4.9
2021-12-30 CVE-2021-20165 Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections.
network
low complexity
trendnet CWE-352
8.8