Tpcchecker

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N600R version 1.0.0.1 TOTOLINK X2000R version 1.0.0.1 **Description** A critical vulnerability exists in the FTP Service component of the affected products. The issue is related to the manipulation of the `vsftpd.conf` file, leading to a least privilege violation. The attack can be initiated remotely. **Recommendations** TOTOLINK N600R version 1.0.0.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. TOTOLINK X2000R version 1.0.0.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.19 **Description** A vulnerability exists in the Tenda AC18 device due to weak password requirements. The issue affects unknown code within the `/etc ro/smb.conf` file of the Samba component and can be exploited remotely. Exploitation is considered difficult. The exploit has been publicly disclosed. **Recommendations** Update to a newer version that addresses the weak password requirements. Consider temporarily restricting access to the Samba component to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** TRENDnet TEW-WLC100P version 2.03b03 **Description** The configuration of racoon within the device sets the `exchage mode` to aggressive. Utilizing aggressive mode in IKE Phase 1 results in the exposure of identity information in plaintext, making the system susceptible to offline dictionary attacks and limiting the negotiation of security parameters. **Recommendations** Modify the configuration file to change the `exchage mode` setting from aggressive to a more secure option.

**Name of the Vulnerable Software and Affected Versions** TRENDnet TEW-WLC100P version 2.03b03 **Description** The `i dont care about security and use aggressive mode psk` option is enabled in the strongSwan configuration file, allowing IKE Responders to use IKEv1 Aggressive Mode with Pre-Shared Keys. This configuration permits offline attacks on the openly transmitted hash of the Pre-Shared Key (`PSK`). **Recommendations** Disable the `i dont care about security and use aggressive mode psk` option in the strongSwan configuration file.

**Name of the Vulnerable Software and Affected Versions** H3C GR2200 MiniGR1A0V100R016 **Description** The `USERLIMIT GLOBAL` option is set to 0 in the `/etc/bftpd.conf` file. This configuration can lead to denial-of-service (DoS) attacks due to the possibility of unlimited user connections. **Recommendations** Ensure the `USERLIMIT GLOBAL` option in the `/etc/bftpd.conf` file is not set to 0.

**Name of the Vulnerable Software and Affected Versions** Netgear RAX30 version 1.0.10.94 3 **Description** The `USERLIMIT GLOBAL` option is set to 0 in multiple bftpd-related configuration files, potentially leading to denial-of-service (DoS) attacks when an unlimited number of users connect. **Recommendations** Update to a newer version that addresses this configuration issue. As a temporary workaround, consider modifying the bftpd configuration files to set a reasonable limit for the `USERLIMIT GLOBAL` option.

**Name of the Vulnerable Software and Affected Versions** Linksys EA6350 version 2.1.2 **Description** The `chroot local user` option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks. **Recommendations** Disable the `chroot local user` option in the vsftpd configuration file.