TRENDnet’s AC2600 MU-MIMO WiFi Router, model TEW-827DRU, is built to perform in a busy connected home. This dual-band router generates two quad-stream WiFi networks—a 1,733Mbps WiFi AC and a concurrent 800Mbps WiFi N network.
TRENDnet AC2600 TEW-827DRU routers could allow a remote attacker to bypass security restrictions, caused by the containment of a hidden administrative command.
By sending a specially crafted request, an attacker could exploit this vulnerability to force the change of the admin password.
POST /apply_sec.cgi ccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password=testing123
By turning this into a traffic file and matching rule, we are able to detect unauthenticated attempts to force the change of the admin password.
Idappcom has created signature 8022354 along with a corresponding traffic file.
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional