CVE-2021-20154

HIGH

Trendnet TEW-827DRU Firmware 2.08B01 - Cleartext Transmission of Sensitive Information

Title source: llm
STIX 2.1

Description

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by default. This results in cleartext transmission of sensitive information such as passwords.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2021-54

Scores

CVSS v3 7.5
EPSS 0.0016
EPSS Percentile 35.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-319
Status published
Products (1)
trendnet/tew-827dru_firmware 2.08b01
Published Dec 30, 2021
Tracked Since Feb 18, 2026