CVE-2021-20164
MEDIUMTrendnet TEW-827DRU 2.08B01 - Unprotected Credential Exposure via smbserver.asp Page
Title source: llmDescription
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2021-54
Scores
CVSS v3
4.9
EPSS
0.0026
EPSS Percentile
49.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (1)
trendnet/tew-827dru_firmware
2.08b01
Published
Dec 30, 2021
Tracked Since
Feb 18, 2026