How to fix EUVD-2025-17444?

Within 24 hours: Inventory all TRENDnet TV-IP121W devices in your environment and isolate them to a restricted VLAN or segment with no internet access. Within 7 days: Implement network-level access controls restricting /admin/setup.cgi to authorized administrative IPs only, and deploy WAF rules blocking suspicious authentication attempts to that endpoint. Within 30 days: Develop a device replacement plan for affected units, contact TRENDnet for firmware updates, and consider migrating to alternative camera solutions from vendors actively patching security issues.

Is TRENDnet TV-IP121W affected by EUVD-2025-17444?

A high-severity authentication bypass vulnerability affects TRENDnet TV-IP121W cameras (v1.1.1 Build 36), allowing remote attackers to bypass login controls on the admin interface.

TRENDnet TV-IP121W EUVD-2025-17444

| CVE-2025-5870 HIGH

Improper Authentication (CWE-287)

2025-06-09 [email protected]

Authentication Bypass

7.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 14, 2026 - 19:21 vuln.today

EUVD ID Assigned

Mar 14, 2026 - 19:21 euvd

EUVD-2025-17444

CVE Published

Jun 09, 2025 - 09:15 nvd

HIGH 7.3

DescriptionNVD

A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Critical authentication bypass vulnerability in TRENDnet TV-IP121W IP camera (version 1.1.1 Build 36) affecting the /admin/setup.cgi web interface endpoint. An unauthenticated remote attacker can bypass authentication controls to gain unauthorized administrative access, potentially allowing unauthorized configuration changes, data theft, or device compromise. A public exploit has been disclosed, the vendor has not responded to early disclosure, and the vulnerability exhibits moderate real-world exploitation probability given its network-accessible nature and lack of authentication requirements.

Technical ContextAI

The vulnerability resides in improper authentication mechanisms (CWE-287: Improper Authentication) within the TRENDnet TV-IP121W IP camera's CGI-based web administration interface. The /admin/setup.cgi endpoint fails to properly validate user credentials or session tokens before processing administrative requests. IP cameras in this product line typically run embedded web servers (often lighttpd or similar) to deliver configuration interfaces; this vulnerability suggests insufficient access control checks in the CGI script handling administrative setup operations. The affected CPE is likely 'cpe:2.7.a:trendnet:tv-ip121w:1.1.1' with specific build 36. CWE-287 indicates the root cause is the lack of proper credential verification, potentially allowing direct access to privileged functions without prior successful authentication.

EUVD-2025-17444 vulnerability details – vuln.today

Back