CVE-2019-13277

EUVD-2019-4784
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the local intranet or remotely if remote administration is enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
Affected Products (NVD)
VendorProductVersion
trendnettew-827dru_firmware
𝑥
≤ 2.04b03
𝑥
= Vulnerable software versions
References
https://github.com/fuzzywalls/TRENDNetExploits/tree/master/CVE-2019-13277
https://github.com/fuzzywalls/TRENDNetExploits/tree/master/CVE-2019-13277