CVE 7.3 HIGH

TRENDnet TEW-822DRE vsftpd least privilege violation_CVE-2025-8758

August 9, 2025 invoker category_cve

7.3 / 10

HIGH

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

A least privilege violation vulnerability in TRENDnet TEW-822DRE's vsftpd component could allow attackers to gain elevated privileges, though exploiting it requires local access and high complexity.

Basic Information

ID CVE-2025-8758

Source VulDB

Published Aug 9, 2025 at 16:02

Affected Product

Vendor TRENDnet

Product TEW-822DRE

Version FW103B02

Affected Versions TRENDnet TEW-822DRE FW103B02

CWE Classification

CWE-272 CWE-266

AI Assessment

AI Severity Medium

Vendor TRENDnet

Product TRENDnet TEW-822DRE

Version FW103B02

References

{
    "lastseen": "",
    "description": "A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-08-09T16:02:05.577Z",
    "modified": "2025-08-09T16:02:05.577Z",
    "type": "cve",
    "title": "TRENDnet TEW-822DRE vsftpd least privilege violation",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319263\nhttps://vuldb.com/?ctiid.319263\nhttps://vuldb.com/?submit.624299\nhttps://www.notion.so/23e54a1113e78009adc9d909b254812b",
    "id": "CVE-2025-8758",
    "bulletinFamily": "",
    "cwe": [
        "CWE-272",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "TRENDnet TEW-822DRE FW103B02",
    "sourceHref": "",
    "cvss": {
        "score": 7.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TEW-822DRE",
    "version": "FW103B02",
    "vendor": "TRENDnet",
    "ai_description": "A least privilege violation vulnerability in TRENDnet TEW-822DRE's vsftpd component could allow attackers to gain elevated privileges, though exploiting it requires local access and high complexity.",
    "ai_severity": "Medium",
    "ai_vendor": "TRENDnet",
    "ai_product": "TRENDnet TEW-822DRE",
    "ai_version": "FW103B02",
    "ai_score": 0
}

💭 Join the Security Discussion ❌ Cancel Reply