CVE-2021-20154

Vulnerability

The Trendnet AC2600 TEW-827DRU router running firmware version 2.08B01 does not enable HTTPS on the web interface by default [1]. This results in all communication, including login credentials and other sensitive data, being transmitted in cleartext over HTTP. The device's web interface is accessible over the local network and, due to other vulnerabilities (e.g., CVE-2021-20149), potentially over the WAN via IPv6.

Exploitation

An attacker with network access to the router's web interface (either on the LAN or, if IPv6 is enabled, from the WAN) can passively capture network traffic [1]. By sniffing the unencrypted HTTP traffic, the attacker can extract plaintext passwords and other sensitive information transmitted during login or configuration changes. No authentication or user interaction is required beyond the victim accessing the web interface.

Impact

Successful exploitation allows an attacker to obtain cleartext passwords and other sensitive data transmitted over the network [1]. This can lead to unauthorized access to the router's administrative interface and potentially to other services (e.g., FTP) if credentials are reused. The confidentiality of the device's configuration and user data is compromised.

Mitigation

As of the publication date (2021-12-30), Trendnet has not released a firmware update to enable HTTPS by default [1]. Users should manually enable HTTPS in the router's settings if available, or restrict access to the web interface to trusted networks only. The device may be end-of-life; users are advised to consider replacing it with a supported model that enforces encrypted management traffic.