Critical Vulnerability Discovered in TRENDnet Routers – Update Your Firmware Now

CVECVE-2023-0618
CVSScvssV3_1: 7.5
SourceCVE-2023-0618

A critical remote code execution vulnerability has been discovered in TRENDnet wireless routers. The vulnerability exists in the web service component of the routers’ firmware.

Attackers can exploit this vulnerability remotely by manipulating memory and corrupting the cfg_op.ccp file. This allows them to execute arbitrary code on the affected routers with root privileges.

As the exploit details have been publicly disclosed, it is likely that threat actors are actively scanning for and targeting vulnerable devices. Having full control over the router puts the entire network at risk. Sensitive data like passwords, banking details and personal files could be compromised.

The best way for TRENDnet users to protect themselves is to update to the latest firmware version immediately. Manufacturers usually release security updates to patch vulnerabilities, so keeping devices up-to-date is important. You should also change default credentials on the router login page for added security.

Always be cautious of unsolicited messages regarding firmware updates as well. Only download updates directly from the manufacturer’s website to avoid falling for fake update scams. Taking some simple precautions like updating firmware can help secure your home network from remote exploitation.

References