Static Default Credential Vulnerability in Trendnet TEW733GR Router
CVE-2022-38556

9.8CRITICAL

Key Information:

Vendor: Trendnet
Status: Tew733gr Firmware
Vendor: CVE Published:; 28 August 2022

What is CVE-2022-38556?

The Trendnet TEW733GR v1.03B01 router has a security flaw related to static default credentials that can be exploited. This vulnerability exists in the script located at /etc/init0.d/S80telnetd.sh, which can allow attackers to gain unauthorized access to the device. Users should be aware of this risk as it poses significant security concerns, particularly in unsecured network environments.

References

https://github.com/xxy1126/Vuln/tree/main/2

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2022
Vulnerability Reserved
Aug 22, 2022