exploitDog

CVE-2021-20152

Опубликовано: 30 дек. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 5.8

EPSS Низкий

Описание

Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able to visit and modify settings and files via the Bittorent web client by visiting: http://192.168.10.1:9091/transmission/web/

Ссылки

https://www.tenable.com/security/research/tra-2021-54
Third Party Advisory
https://www.tenable.com/security/research/tra-2021-54
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*

cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00153

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-62w4-6v3m-2j3j

github

около 4 лет назад

Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able to visit and modify settings and files via the Bittorent web client by visiting: http://192.168.10.1:9091/transmission/web/

EPSS

Процентиль: 36%

0.00153

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-306