// For flags

CVE-2021-20153

 

Severity Score

6.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious symlink on it that the bittorrent client can write downloads to, then a user is able to download arbitrary files to any desired location on the devices filesystem, which could lead to remote code execution. Example directories vulnerable to this include "config", "downloads", and "torrents", though it should be noted that "downloads" is the only vector that allows for arbitrary files to be downloaded to arbitrary locations.

Trendnet AC2600 TEW-827DRU versión 2.08B01, contiene una vulnerabilidad de symlink en la funcionalidad bittorrent. Si está habilitada, la funcionalidad de bittorrent es vulnerable a un ataque de enlace simbólico que podría conllevar a una ejecución de código remota en el dispositivo. Si un usuario final inserta una unidad flash con un enlace simbólico malicioso en el que el cliente bittorrent puede escribir descargas, entonces un usuario es capaz de descargar archivos arbitrarios en cualquier ubicación deseada en el sistema de archivos del dispositivo, lo que podría conllevar a una ejecución de código remota. Ejemplos de directorios vulnerables a esto incluyen "config", "downloads", y "torrents", aunque debe notarse que "downloads" es el único vector que permite la descarga de archivos arbitrarios a ubicaciones arbitrarias.

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-12-17 CVE Reserved
  • 2021-12-30 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-09-14 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CAPEC
References (1)
URL Tag Source
https://www.tenable.com/security/research/tra-2021-54 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Trendnet
Search vendor "Trendnet"
 Tew-827dru Firmware
Search vendor "Trendnet" for product "Tew-827dru Firmware"
 2.08b01
Search vendor "Trendnet" for product "Tew-827dru Firmware" and version "2.08b01"
-
Affected
in Trendnet
Search vendor "Trendnet"
 Tew-827dru
Search vendor "Trendnet" for product "Tew-827dru"
 2.0
Search vendor "Trendnet" for product "Tew-827dru" and version "2.0"
-
Safe