CVE-2021-20149

Name of the Vulnerable Software and Affected Versions: Trendnet AC2600 TEW-827DRU version 2.08B01

Description: The issue concerns insufficient access controls for the WAN interface. Specifically, the default iptables ruleset only applies to IPv4, leaving all services running on the device accessible via the WAN interface via IPv6 by default.

Recommendations: For Trendnet AC2600 TEW-827DRU version 2.08B01, consider updating the iptables ruleset to include IPv6 restrictions, ensuring that access to services on the device is properly controlled across both IPv4 and IPv6 protocols. As a temporary workaround, restrict access to the WAN interface via IPv6 to minimize the risk of exploitation.