#VU53512 Use of Hard-coded Password in Home Network Security


Published: 2021-05-25 | Updated: 2021-06-28

Vulnerability identifier: #VU53512

Vulnerability risk: High

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-32459

CWE-ID: CWE-259

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Home Network Security
Hardware solutions / Routers for home users

Vendor: Trend Micro

Description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to the presence of hard-coded credentials (diamond:bahV6AtJqZt4K) in the SFTP Log Collection Server feature, which are present in the core binary of the HNS device. A remote non-authenticated attacker can log in to the affected system and gain access to the server.


Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Home Network Security: 6.1.567 - 6.6.604


External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1241
http://helpcenter.trendmicro.com/en-us/article/TMKA-10337


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

