Skip to main content

Tpl 430Ap Firmware

1 CVEs product

Monthly

CVE-2025-44651 HIGH This Week

Uncontrolled resource consumption in the TRENDnet TPL-430AP powerline access point (firmware FW1.0) stems from its bundled bftpd FTP daemon shipping with USERLIMIT_GLOBAL=0, which imposes no cap on concurrent connections. A remote attacker can open unlimited simultaneous FTP sessions to exhaust device memory and connection resources, rendering the access point unresponsive (availability-only impact, no data compromise). No public exploit code has been confirmed, though a researcher gist and writeup describing the issue exist; EPSS risk is modest at 0.52% and the CVE is not listed in CISA KEV.

Denial Of Service Tpl 430Ap Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
EPSS 1% CVSS 7.5
HIGH This Week

Uncontrolled resource consumption in the TRENDnet TPL-430AP powerline access point (firmware FW1.0) stems from its bundled bftpd FTP daemon shipping with USERLIMIT_GLOBAL=0, which imposes no cap on concurrent connections. A remote attacker can open unlimited simultaneous FTP sessions to exhaust device memory and connection resources, rendering the access point unresponsive (availability-only impact, no data compromise). No public exploit code has been confirmed, though a researcher gist and writeup describing the issue exist; EPSS risk is modest at 0.52% and the CVE is not listed in CISA KEV.

Denial Of Service Tpl 430Ap Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy