إرسال #624555: TRENDnet TN-200 1.02b02 Misconfigurationالمعلومات

عنوانTRENDnet TN-200 1.02b02 Misconfiguration
الوصفIn TRENDnet TN-200 NAS device 1.02b02, there is a insecure configuration vulnerability. The bundled Lighttpd configuration contains a hardcoded weak secdownload.secret value. The secret is used to generate access-controlled download URLs. When a fixed and publicly visible secret is used, remote attackers can forge valid secure download links and gain unauthorized access to protected files within the NAS system.
المصدر⚠️ https://www.notion.so/23f54a1113e7801e944ec65a2f7c5448
المستخدم
 TPCHECKER (UID 88463)
ارسال29/07/2025 05:53 AM (11 أشهر منذ)
الاعتدال08/08/2025 05:33 PM (10 days later)
الحالةتمت الموافقة
إدخال VulDB319264 [TRENDnet TN-200 1.02b02 Lighttpd secdownload.secret تشفير ضعيف]
النقاط16

التالي نظرة عامة السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!