Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-44647

In TRENDnet TEW-WLC100P 2.03b03, the i_dont_care_about_security_and_use_aggressive_mode_psk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK.

Published

2025-07-21T16:15:28.963

Last Modified

2025-08-07T17:55:29.260

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses

Type: Primary
CWE-1188

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	trendnet	tew-wlc100p_firmware	2.03b03	Yes
Hardware	trendnet	tew-wlc100p	-	No

References

http://tew-wlc100p.com Broken Link ([email protected])
https://gist.github.com/TPCchecker/18c32439ed13feaed99f8229d1749892 Broken Link ([email protected])
https://www.notion.so/CVE-2025-44647-24754a1113e780b0a130d4439861bf3c Third Party Advisory ([email protected])