TRENDnet TEW-WLC100P Racoon IKE Phase 1 Misconfiguration Vulnerability

Vulnerability

A misconfiguration vulnerability has been identified in the TRENDnet TEW-WLC100P router running firmware version 2.03b03. The issue arises in the racoon configuration file, where the exchange_mode is set to aggressive. This setting in IKE Phase 1 exposes identity information in plaintext, making it susceptible to offline dictionary attacks, and reduces flexibility in negotiating security parameters.

Impact

The vulnerability exposes identity information in plaintext, creating a risk of offline dictionary attacks, and limits the ability to negotiate security parameters effectively.

Added: Jul 21, 2025, 5:37 PM

Updated: Jul 21, 2025, 5:37 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TRENDnet TEW-WLC100P Racoon IKE Phase 1 Misconfiguration Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating