Vulnerabilities > Trendnet > TEW 827Dru Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-12-30 CVE-2021-20150 Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard.
network
low complexity
trendnet CWE-306
5.0
5.0
2021-12-30 CVE-2021-20152 Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality.
network
trendnet CWE-306
5.8
5.8
2021-12-30 CVE-2021-20153 Link Following vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. 		6.9
6.9
2021-12-30 CVE-2021-20154 Cleartext Transmission of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface.
network
trendnet CWE-319
4.3
4.3
2021-12-30 CVE-2021-20156 Improper Verification of Cryptographic Signature vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update.
network
low complexity
trendnet CWE-347
4.0
4.0
2021-12-30 CVE-2021-20162 Cleartext Storage of Sensitive Information vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext.
network
low complexity
trendnet CWE-312
4.0
4.0
2021-12-30 CVE-2021-20163 Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page.
network
low complexity
trendnet CWE-522
4.0
4.0
2021-12-30 CVE-2021-20164 Insufficiently Protected Credentials vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device.
network
low complexity
trendnet CWE-522
4.0
4.0
2021-12-30 CVE-2021-20165 Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections.
network
trendnet CWE-352
6.8
6.8
2020-06-15 CVE-2020-14076 Out-of-bounds Write vulnerability in Trendnet Tew-827Dru Firmware 2.06B04
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.
network
low complexity
trendnet CWE-787
6.5
6.5