CVE-2022-30328

Vulnerability

The TRENDnet TEW-831DR router (firmware version 1.0 601.130.1.1356) contains a vulnerability in its web interface credential management. When setting a new username and password, the interface does not require the existing password for verification. This allows any user with access to the web interface to change the administrative credentials without authentication [1].

Exploitation

An attacker who has network access to the router's web interface (typically on the local network or if the interface is exposed to the internet) can navigate to the credential change page and simply enter a new username and password. No previous authentication or knowledge of the current credentials is needed. The attacker can then apply the changes, effectively taking over administrative control.

Impact

Successful exploitation allows an attacker to change the router's administrative username and password, gaining full administrative access. This can lead to complete compromise of the router, including modification of network settings, DNS hijacking, traffic interception, and further attacks on the local network.

Mitigation

As of the publication date (2022-06-16), no firmware update or patch has been released by TRENDnet to address this vulnerability. Users should restrict access to the web interface to trusted networks only, disable remote management if not required, and monitor for any firmware updates from the vendor. The device may be at end-of-life; consider replacing it if no fix is provided.