Описание
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
Ссылки
- MitigationThird Party Advisory
- MitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.41622
Средний
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 5.3
github
около 4 лет назад
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
EPSS
Процентиль: 97%
0.41622
Средний
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306