Vulnerability identifier: #VU53512
Vulnerability risk: High
CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-259
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Home Network Security
Hardware solutions /
Routers for home users
Vendor: Trend Micro
Description
The vulnerability allows a remote attacker to compromise the affected device.
The vulnerability exists due to presence of hard-coded credentials diamond:bahV6AtJqZt4K
in the SFTP Log Collection Server feature and are present in the core binary of the HNS device. A remote non-authenticated attacker can login to the affected system and gain access to the sever.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Home Network Security: 6.1.567 - 6.6.604
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1241
http://helpcenter.trendmicro.com/en-us/article/TMKA-10337
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.