Primary

Context

TRENDnet TEW-822DRE vsftpd Least Privilege Violation Vulnerability

Vulnerability

A misconfiguration vulnerability has been identified in the TRENDnet TEW-822DRE range extender running firmware FW103B02. This vulnerability affects the vsftpd component, allowing files uploaded anonymously via FTP to be assigned root ownership. This misconfiguration could enable remote attackers to gain full root access and control over the device.

Impact

Exploitation of this vulnerability could lead to unauthorized root access on the device, allowing an attacker to take complete control of it.

Added: Aug 9, 2025, 4:17 PM

Updated: Aug 9, 2025, 4:17 PM

Vulnerability Rating

Custom Algorithm

spread

8.8

impact

7.5

exploitability

5.4

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.8

impact

7.5

exploitability

5.4

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TRENDnet TEW-822DRE vsftpd Least Privilege Violation Vulnerability

Vulnerability

Impact

Affected Products

TRENDnet TEW-822DRE

vsftpd

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating