WEB SERVER DIRECTORY TRAVERSAL ARBITRARY FILE ACCESS VULNERABILITY IN WEB SMART SWITCH TEG-30284 HARDWARE VERSION: 1.0R
TRENDnet recently received a report stating a possible Web Server Directory Traversal Arbitrary File Access vulnerability in the 28-Port Gigabit Web Smart Switch, model TEG-30284, Hardware Version: 1.0R. An attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks.
CSRF and XSS vulnerabilities in TW100-S4W1CA Hardware V2.0R and V2.1R
TRENDnet was recently made aware of possible CSRF and XSS vulnerabilities in the 4-Port Broadband Router, model TW100-S4W1CA, hardware V2.0R and V2.1R. A Threat Actor can exploit these vulnerabilities and gain control of the router’s management interface.
Buffer overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) on some of the L2 Managed Industrial Switches
TRENDnet has released firmware patches for buffer overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) on some of the L2 Managed Industrial Switches. For more information, please visit this page.
TRENDnet CloudView Service End of Life Announcement
September 3, 2020 - TRENDnet CloudView service will be discontinued on December 31, 2020. The cameras running the app and service reached the end of their service life a few years ago, therefore we have decided to discontinue the cloud service for these cameras on December 31, 2020. For more information, please visit www.trendnet.com/camera.
Safari Version 12 Camera Web-View Compatibility
Sept 20, 2018 - Safari version 12 was released Monday for MacOS Sierra and High Sierra users. Version 12 adds new restrictions on browser plugins developers which disables the web-view plugins for the cameras. If users are experiencing problems using Safari with their cameras, we recommend using the Chrome browser for Mac or our free mobile phone app to view the camera.
TU3-DS2 macOS 10.13.4 Compatibility
June 12, 2018 – Installing macOS 10.13.4 will cause any connected displays to go blank after the OS update when using the latest driver. Extended or mirror displays continue to work as expected in macOS 10.13.3, and we can only recommend that you stay on macOS 10.13.3 or earlier if you require this feature and have not already updated. Functionality such as Ethernet and audio are unaffected. We are working on a fix and updates will be posted on product download pages once available.
TEW-816DRM & TV-IP344PI ANNOUNCEMENT
TRENDnet was recently contacted by a firm with claims of vulnerabilities on the TV-IP344PI and the TEW-816DRM. Updates will be posted on TRENDnet website, and e-mails will be sent to those that registered their products.
WPA2 Security KRACK Attack Notice
A WPA2 vulnerability from the KRACK Attack was revealed on Oct. 16, 2017. This attack affects the entire wireless industry, but affected devices can be patched with a security update. TRENDnet is currently investigating the issue and we are working with our semiconductor chipset partners on patches. Updates will be posted on product download pages once available.
Note:
The WPA2 KRACK main attack targets client devices against the 4-way handshake, and requires physical proximity. Wi-Fi routers and wireless access points are not affected by this attack. However, to reduce the risk of attacks against your router or access points, disable client functionality and fast roaming (802.11r). For home users, be sure to keep client devices, such as laptops and smartphones, updated.
Critical Firmware Update for Some Network Cameras
Some network cameras could be compromised to security vulnerabilities described in ICSA-17-124-01 (Improper Authentication, Password in Configuration), where remote attackers could potentially gain partial access to some administrator pages in the device configuration without the proper credentials, and obtain the administrator password to your device configuration. We strongly recommend that owners of all affected cameras (see list below) with hardware version v1.0R to upgrade to the latest firmware version.
Technical Bulletin - Foggy Dome
Technical bulletin regarding IR dome cameras experiencing foggy, blurry or washed out images.