CVE-2018-7034
HIGH7.5CVSS v3
5.0CVSS v2
0.84%
EPSS (exploit probability)
CWE-287CWE
Description
TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
CVSS v3 vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected routers (3)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| TRENDnet | TRENDnet TEW-733GR | — |
— | — | Unpatched |
| TRENDnet | TRENDnet TEW-751DR | — |
— | — | Unpatched |
| TRENDnet | TRENDnet TEW-752DRU | — |
— | — | Unpatched |