CVE-2022-30325

Published: Jun 16, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network.

Affected (1)

Products: Trendnet: Tew 831dr Firmware

1 product

Tew 831dr Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Trendnet Tew 831dr Firmware	Version 1.0_601.130.1.1356

Running on/with	Platform Versions
Trendnet Tew 831dr	All versions

Related CWEs

Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

References (4)

https://research.nccgroup.com/2022/06/10/technical-advisory-multiple-vulnerabilities-in-trendnet-tew-831dr-wifi-router-cve-2022-30325-cve-2022-30326-cve-2022-30327-cve-2022-30328-cve-2022-30329/

Source: cve@mitre.org

Third Party Advisory

https://research.nccgroup.com/?research=Technical+advisories

Source: cve@mitre.org

Third Party Advisory

https://research.nccgroup.com/2022/06/10/technical-advisory-multiple-vulnerabilities-in-trendnet-tew-831dr-wifi-router-cve-2022-30325-cve-2022-30326-cve-2022-30327-cve-2022-30328-cve-2022-30329/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://research.nccgroup.com/?research=Technical+advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.