CVE-2021-20160

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when configuring smb functionality for the device is vulnerable to command injection as root.
References
Link Resource
https://www.tenable.com/security/research/tra-2021-54 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*
cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*

Information

Published : 2021-12-30 14:15

Updated : 2022-07-12 10:42


NVD link : CVE-2021-20160

Mitre link : CVE-2021-20160


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

trendnet

  • tew-827dru_firmware
  • tew-827dru