DoS Vulnerability in TRENDnet TPL-430AP Firmware
CVE-2025-44651

7.5HIGH

Key Information:

Vendor: TRENDnet
Status: TPL-430AP
Vendor: CVE Published:; 21 July 2025

What is CVE-2025-44651?

The TRENDnet TPL-430AP, running firmware version FW1.0, contains a configuration flaw within its bftpd setup. The USERLIMIT_GLOBAL setting is improperly configured to allow unlimited user connections, potentially leading to Denial of Service (DoS) attacks when the device reaches unsustainable connection levels. This flaw could disrupt network performances and leave services inaccessible.

References

http://trendnet.com

https://gist.github.com/TPCchecker/9e27534ec59babcd4fd44d...

https://www.notion.so/CVE-2025-44651-24754a1113e780da990e...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2025
Vulnerability Reserved
Apr 22, 2025

JSON