WiFi Baby Cam and Network Camera Security Advisory
Rapid7, a company that specializes in IT security, released a vulnerability report on video baby monitors, which included TRENDnet’s WiFi Baby Cam, model TV-IP743SIC. The report claims that the WiFi Baby Cam has a fixed user name and password that could be accessed via a direct UART serial connection to the WiFi Baby Cam.
TRENDnet Windows® 10 Product Support
With the release of Windows 10, TRENDnet is working tirelessly to ensure a smooth transition for our customers. We will be providing updates for selected TRENDnet products (with more to follow).
Router Security Advisory: Kcodes Netusb Kernel Stack Buffer Overflow
NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.
Router Security Advisory: Realtek SDK miniigd : Authentication Bypass - Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of a router with select Realtek SDKs. Authentication is not required to exploit this vulnerability. The specific flaw exists within the miniigd SOAP service.
TN-200/TN-200T1 Security Advisory
In regards to the recent published TN-200 and TN-200T1 vulnerabilities referencing CVE-2014-1628, CVE-2014-1629, CVE-2014-1630, CVE-2014-2703, and CVE-2014-2704: TRENDnet was first aware of these on August 18, 2014 and worked to immediately release corrective firmware (version 1.04) on October 20, 2014. We advise you to apply the latest firmware update to the TN-200 and TN-200T1. Download TN-200 firmware here. Download TN-200T1 firmware here. Please contact us at 866-845-3673 with any questions. To locate a Technical Support number in your area, please visit http://www.trendnet.com/support/contact.asp.
TRENDnet Heartbleed Security Advisory
TRENDnet executed a complete review of all products. Some TRENDnet products do use OpenSSL however the respective products use a different OpenSSL version which is not impacted by this vulnerability. No current TRENDnet products are vulnerable to the "Heartbleed" Vulnerability and no action is required by TRENDnet customers.
IP Camera Critical Firmware Updates
If you purchased TRENDnet IP cameras between April 2010 and February 2012, and have not updated firmware after February, 2012, we advise you to apply the latest security firmware update on the cameras. If you have any questions regarding the security firmware update on the cameras, please contact us at 866-845-3673 or ipcam@trendnet.com.
UPnP Vulnerability
Universal Plug and Play (UPnP), a protocol present in most network enabled devices, has been identified as vulnerable to one or more security flaws. Read more to see if your TRENDnet product may be affected.