CVE-2025-5870
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-09

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-09
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-06-09
EPSS Evaluated
2026-05-05
NVD
CVE-2025-5870
EUVD
EUVD-2025-17444
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-5870 is a critical security vulnerability in the TRENDnet TV-IP121W network camera (version 1.1.1 Build 36). It arises from improper authentication in the device's web interface, specifically in the /admin/setup.cgi endpoint. Due to missing authentication and authorization controls, remote attackers can access privileged functions and sensitive information without any credentials. This flaw allows attackers to manipulate device settings, retrieve sensitive data, and potentially take full control of the device remotely. [1, 3]


How can this vulnerability impact me? :

This vulnerability can have severe impacts including unauthorized disclosure of sensitive system and network information, such as device status, configurations, and network settings. Attackers can also manipulate the device by rebooting it, resetting it to factory defaults, changing firewall rules and administrator credentials, or uploading malicious firmware. These actions can lead to complete device compromise, persistent backdoors, service disruptions, and lateral movement within connected networks, severely weakening organizational security and surveillance reliability. [2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to access the /admin/setup.cgi endpoint on the TRENDnet TV-IP121W device remotely without authentication. If the device responds with privileged information or allows configuration changes without requiring login, it indicates the presence of the vulnerability. Network scanning tools can be used to identify devices running TRENDnet TV-IP121W firmware version 1.1.1 Build 36. Commands such as curl or wget can be used to test the endpoint, for example: curl http://<device-ip>/admin/setup.cgi. If the response contains sensitive configuration or device information without authentication, the vulnerability is present. [1, 2, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include isolating the affected TRENDnet TV-IP121W devices from untrusted networks to prevent remote exploitation, disabling remote web interface access if possible, and monitoring network traffic for suspicious activity targeting the /admin/setup.cgi endpoint. Since no vendor patch or official fix is available, replacing the affected devices with alternative products is recommended to ensure security. Additionally, consider implementing network-level access controls such as firewall rules to restrict access to the device's management interface. [3, 2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart