CVE-2025-44649

High CVSS: 7.5

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchage_mode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security parameters.

Vendor

Trendnet

Product

Tew-wlc100p Firmware

CWE

CWE-312

Yayın Tarihi

2025-07-21 17:15:37

Güncelleme

2025-08-07 14:15:42

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-312 Tew-wlc100p Firmware HIGH Trendnet 2025

Referanslar

http://tew-wlc100p.com https://gist.github.com/TPCchecker/6d787c4916891f493b274b70abfad860 https://www.notion.so/CVE-2025-44649-24754a1113e780a4a1d1c4cd6d3ff345

Benzer Kayıtlar

High

CVE-2026-5349

A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add_apcdb of the file…

High

CVE-2025-15472

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of…

High

CVE-2025-15471

A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goform…

Medium

CVE-2025-15139

A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub_43ACF4 of the file…

High

CVE-2025-15137

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function sub_F934 of…

High

CVE-2025-15136

A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function do_setWizard_asp of t…