Command Injection Vulnerability in Trendnet AC2600 TEW-827DRU Version 2.08B01

CVE-2021-20160 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. The username parameter used when configuring smb functionality for the device is vulnerable to command injection as root.

Learn more about our User Device Pen Test.