CVE-2021-20164

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page.
References
Link Resource
https://www.tenable.com/security/research/tra-2021-54 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-12-30 22:15

Updated : 2024-02-28 18:48


NVD link : CVE-2021-20164

Mitre link : CVE-2021-20164

CVE.ORG link : CVE-2021-20164


JSON object : View

Products Affected

trendnet

  • tew-827dru_firmware
  • tew-827dru
CWE
CWE-522

Insufficiently Protected Credentials