WPA2 Security KRACK Attack Notice
A WPA2 vulnerability from the KRACK Attack was revealed on Oct. 16, 2017. This attack affects the entire wireless industry, but affected devices can be patched with a security update. TRENDnet is currently investigating the issue and we are working with our semiconductor chipset partners on patches. Updates will be posted on product download pages once available.
Note:
The WPA2 KRACK main attack targets client devices against the 4-way handshake, and requires physical proximity. Wi-Fi routers and wireless access points are not affected by this attack. However, to reduce the risk of attacks against your router or access points, disable client functionality and fast roaming (802.11r). For home users, be sure to keep client devices, such as laptops and smartphones, updated.
Critical Firmware Update for Some Network Cameras
Some network cameras could be compromised to security vulnerabilities described in ICSA-17-124-01 (Improper Authentication, Password in Configuration), where remote attackers could potentially gain partial access to some administrator pages in the device configuration without the proper credentials, and obtain the administrator password to your device configuration. We strongly recommend that owners of all affected cameras (see list below) with hardware version v1.0R to upgrade to the latest firmware version.
Technisches Merkblatt - Beschlagene Kuppel
Technisches Merkblatt für IR-Kuppelkameras mit beschlagenen, verschwommenen oder verwaschenen Bildern
WiFi Baby Cam and Network Camera Security Advisory
Rapid7, a company that specializes in IT security, released a vulnerability report on video baby monitors, which included TRENDnet’s WiFi Baby Cam, model TV-IP743SIC. The report claims that the WiFi Baby Cam has a fixed user name and password that could be accessed via a direct UART serial connection to the WiFi Baby Cam.
TRENDnet Windows® 10 Product Support
With the release of Windows 10, TRENDnet is working tirelessly to ensure a smooth transition for our customers. We will be providing updates for selected TRENDnet products (with more to follow).
Router Security Advisory: Kcodes Netusb Kernel Stack Buffer Overflow
NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.
Router Security Advisory: Realtek SDK miniigd : Authentication Bypass - Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of a router with select Realtek SDKs. Authentication is not required to exploit this vulnerability. The specific flaw exists within the miniigd SOAP service.
TN-200/TN-200T1 Security Advisory
In regards to the recent published TN-200 and TN-200T1 vulnerabilities referencing CVE-2014-1628, CVE-2014-1629, CVE-2014-1630, CVE-2014-2703, and CVE-2014-2704: TRENDnet was first aware of these on August 18, 2014 and worked to immediately release corrective firmware (version 1.04) on October 20, 2014. We advise you to apply the latest firmware update to the TN-200 and TN-200T1. Download TN-200 firmware here. Download TN-200T1 firmware here. Please contact us at 866-845-3673 with any questions. To locate a Technical Support number in your area, please visit http://www.trendnet.com/support/contact.asp.
TRENDnet Heartbleed Security Advisory
TRENDnet executed a complete review of all products. Some TRENDnet products do use OpenSSL however the respective products use a different OpenSSL version which is not impacted by this vulnerability. No current TRENDnet products are vulnerable to the "Heartbleed" Vulnerability and no action is required by TRENDnet customers.
IP Camera Critical Firmware Updates
If you purchased TRENDnet IP cameras between April 2010 and February 2012, and have not updated firmware after February, 2012, we advise you to apply the latest security firmware update on the cameras. If you have any questions regarding the security firmware update on the cameras, please contact us at 866-845-3673 or ipcam@trendnet.com.