CVE-2021-20160
HIGH WAF: High
CVSS 8.8
Published: 2021-12-30
CWE-78
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when configuring smb functionality for the device is vulnerable to command injection as root.
WAF Coverage Analysis
OS Command Injection
High WAF Coverage
OWASP: A03:2021 Injection
932xxx - Remote Code Execution
Affected Software
| Vendor | Product | Version |
|---|---|---|
| trendnet | tew-827dru_firmware | 2.08b01 |
References
- www.tenable.com (Exploit, Third Party Advisory)