CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes firmware updates that are done via the automated "check for updates" in the admin interface. If an attacker is able to masquerade as the update server, the device will not verify that the firmware updates downloaded are legitimate.

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 1 Total

https://www.tenable.com/security/research/tra-2021-54
external site

Updated: 2024-08-03

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://www.tenable.com/security/research/tra-2021-54
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Tenable Network Security, Inc.

Description

Product Status

References 1 Total

CVE Program

References 1 Total