CVE-2025-8758
BaseFortify

Publication date: 2025-08-09

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in TRENDnet TEW-822DRE FW103B02 and has been classified as problematic. It affects an unknown part of the vsftpd component. The manipulation leads to a least privilege violation. The attack requires local access. Attack complexity is rather high, and exploitation is reported to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-08-09
Last Modified: 2026-04-29
Generated: 2026-05-27
AI Q&A: 2025-08-09
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Showing 2 associated CPEs

| Vendor | Product | Version / Range |
| --- | --- | --- |
| trendnet | tew-822dre | fw103b02 |
| vsftpd | vsftpd | * |
| CWE ID | Description |
| --- | --- |
| CWE-272 | The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed. |
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-8758 is a vulnerability in the TRENDnet TEW-822DRE Range Extender firmware FW103B02, specifically in the vsftpd (Very Secure FTP Daemon) service. The issue is a least privilege violation where files uploaded anonymously via FTP are incorrectly assigned root ownership. This misconfiguration allows attackers with local access to escalate their privileges to root, effectively gaining full control over the device. The vulnerability arises because elevated privileges required for certain operations are not properly dropped after use. [1, 2]


How can this vulnerability impact me?

This vulnerability can severely impact you by allowing an attacker with local access to the device to gain full root privileges. This means the attacker can take complete control over the affected device, compromising its confidentiality, integrity, and availability. Such control could lead to unauthorized access to sensitive data, disruption of device functionality, and potential use of the device as a foothold for further attacks within a network. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability affects the TRENDnet TEW-822DRE device running firmware FW103B02 with a misconfiguration in the vsftpd service that assigns root ownership to files uploaded anonymously via FTP. Detection can involve checking if the device is running the vulnerable firmware version and inspecting the vsftpd configuration for improper privilege assignments. Commands to check the firmware version and vsftpd configuration on the device (assuming local access) might include: `cat /etc/version` or similar to identify firmware version, and `cat /etc/vsftpd.conf` to review FTP daemon settings. Additionally, monitoring FTP uploads for files owned by root that were uploaded anonymously could indicate exploitation. However, no specific detection commands or tools are provided in the resources. [1, 2]
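
The configuration review described above can be scripted. The following is an added example, not code from the advisory or its references: it audits a copy of `vsftpd.conf` for the stock vsftpd options that allow anonymous uploads and re-own them to root, and lists files by owner in an upload directory. That the TEW-822DRE firmware relies on these options is an assumption, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: flag vsftpd.conf settings that let anonymous uploads become
# root-owned. Option names and defaults are stock vsftpd; that the TEW-822DRE
# firmware relies on them is an assumption, not something the page states.

# Effective value of KEY in FILE, lower-cased; later lines override earlier
# ones, and DEFAULT is used when the key is absent.
conf_value() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r')
    printf '%s\n' "${val:-$3}" | tr '[:upper:]' '[:lower:]'
}

is_on() { case "$1" in yes|true|1) return 0 ;; *) return 1 ;; esac; }

# Print one finding per line; no output means nothing was flagged.
audit_vsftpd_conf() {
    anon=$(conf_value "$1" anonymous_enable yes)     # default YES
    write=$(conf_value "$1" write_enable no)         # default NO
    upload=$(conf_value "$1" anon_upload_enable no)  # default NO
    chown=$(conf_value "$1" chown_uploads no)        # default NO
    owner=$(conf_value "$1" chown_username root)     # default root
    if is_on "$anon" && is_on "$write" && is_on "$upload"; then
        echo "ANON_UPLOAD: anonymous users can upload files"
        if is_on "$chown" && [ "$owner" = "root" ]; then
            echo "ROOT_CHOWN: anonymous uploads are re-owned to root"
        fi
    fi
}

# Regular files under DIR owned by numeric UID (0 = root), for reviewing
# an FTP upload directory.
files_owned_by_uid() { find "$1" -type f -user "$2" 2>/dev/null; }

# Constructed sample config, not taken from the device.
demo() {
    tmp=$(mktemp)
    printf '%s\n' anonymous_enable=YES write_enable=YES \
        anon_upload_enable=YES chown_uploads=YES > "$tmp"
    audit_vsftpd_conf "$tmp"
    rm -f "$tmp"
}

if [ -n "${1:-}" ]; then audit_vsftpd_conf "$1"; else demo; fi
```

Run it with the path to a configuration file as the first argument; with no argument it audits the constructed sample.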


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include replacing the affected TRENDnet TEW-822DRE device running firmware FW103B02 with an alternative product, as no vendor patches or countermeasures are available. Restricting local access to the device and disabling or restricting the vsftpd service to prevent anonymous uploads may reduce risk. Monitoring for suspicious activity and avoiding use of the vulnerable firmware version are recommended. Since the exploit requires local access and is difficult to execute, limiting physical or local network access can also help mitigate exploitation. [2]

