cve/2021/CVE-2021-20154.md

### [CVE-2021-20154](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20154)
![](https://img.shields.io/static/v1?label=Product&message=Trendnet%20AC2600%20TEW-827DRU&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Access%20Control&color=brighgreen)

### Description

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by default. This results in cleartext transmission of sensitive information such as passwords.

### POC

#### Reference
- https://www.tenable.com/security/research/tra-2021-54

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2021-20154](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20154)`
			`![](https://img.shields.io/static/v1?label=Product&message=Trendnet%20AC2600%20TEW-827DRU&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Access%20Control&color=brighgreen)`

			`### Description`

			`Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by default. This results in cleartext transmission of sensitive information such as passwords.`

			`### POC`

			`#### Reference`
			`- https://www.tenable.com/security/research/tra-2021-54`

			`#### Github`
			`No PoCs found on GitHub currently.`