Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-44649

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchage_mode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security parameters.

Published

2025-07-21T17:15:37.157

Last Modified

2025-08-07T14:15:42.097

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-312

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	trendnet	tew-wlc100p_firmware	2.03b03	Yes
Hardware	trendnet	tew-wlc100p	-	No

References

http://tew-wlc100p.com Broken Link ([email protected])
https://gist.github.com/TPCchecker/6d787c4916891f493b274b70abfad860 Broken Link ([email protected])
https://www.notion.so/CVE-2025-44649-24754a1113e780a4a1d1c4cd6d3ff345 ([email protected])