CVE-2025-44647

In TRENDnet TEW-WLC100P 2.03b03, the i_dont_care_about_security_and_use_aggressive_mode_psk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
http://tew-wlc100p.com	Broken Link
https://gist.github.com/TPCchecker/18c32439ed13feaed99f8229d1749892	Broken Link
https://www.notion.so/CVE-2025-44647-24754a1113e780b0a130d4439861bf3c	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:trendnet:tew-wlc100p_firmware:2.03b03:*:*:*:*:*:*:*

cpe:2.3:h:trendnet:tew-wlc100p:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-07-21 16:15

Updated : 2025-08-07 17:55

NVD link : CVE-2025-44647

Mitre link : CVE-2025-44647

CVE.ORG link : CVE-2025-44647

JSON object : View

Products Affected

trendnet

tew-wlc100p
tew-wlc100p_firmware

CWE

CWE-1188

Initialization of a Resource with an Insecure Default

{"id": "CVE-2025-44647", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}]}, "published": "2025-07-21T16:15:28.963", "references": [{"url": "http://tew-wlc100p.com", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "https://gist.github.com/TPCchecker/18c32439ed13feaed99f8229d1749892", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "https://www.notion.so/CVE-2025-44647-24754a1113e780b0a130d4439861bf3c", "tags": ["Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-1188"}]}], "descriptions": [{"lang": "en", "value": "In TRENDnet TEW-WLC100P 2.03b03, the i_dont_care_about_security_and_use_aggressive_mode_psk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK."}, {"lang": "es", "value": "En TRENDnet TEW-WLC100P 2.03b03, la opci\u00f3n i_dont_care_about_security_and_use_aggressive_mode_psk est\u00e1 habilitada en el archivo de configuraci\u00f3n strongSwan, de modo que los respondedores IKE pueden usar el modo agresivo IKEv1 con claves precompartidas para realizar ataques fuera de l\u00ednea en el hash transmitido abiertamente del PSK."}], "lastModified": "2025-08-07T17:55:29.260", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:trendnet:tew-wlc100p_firmware:2.03b03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E616B282-7E96-4D22-A6F5-75293EA3957D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:trendnet:tew-wlc100p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5CB8A166-8119-4C6A-A072-E15C7B28A29F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}