CVE-2021-20150
30Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 40%
exploitation probability
40%top 2% of all CVEs
observed exploitation
nono source reports it
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
Affected products
n/a · Trendnet AC2600 TEW-827DRU