CVE-2021-20149

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:46

Type Values Removed Values Added
References () https://www.tenable.com/security/research/tra-2021-54 - Third Party Advisory () https://www.tenable.com/security/research/tra-2021-54 - Third Party Advisory

Information

Published : 2021-12-30 22:15

Updated : 2024-11-21 05:46


NVD link : CVE-2021-20149

Mitre link : CVE-2021-20149

CVE.ORG link : CVE-2021-20149


JSON object : View

Products Affected

trendnet

  • tew-827dru
  • tew-827dru_firmware
CWE
CWE-863

Incorrect Authorization