CVE-2025-8759 | TRENDnet TN-200 1.02b02 Lighttpd secdownload.secret hard-coded key

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key
.

This vulnerability was named CVE-2025-8759. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-8759 | TRENDnet TN-200 1.02b02 Lighttpd secdownload.secret hard-coded key

Post correlati

CVE-2025-8708 | Antabot White-Jotter 0.22 com.gm.wj.config.ShiroConfiguration ShiroConfiguration.java CookieRememberMeManager deserialization

CVE-2024-10355 | SourceCodester Petrol Pump Management Software 1.0 /admin/invoice.php id sql injection

CVE-2025-54377 | RooCodeInc Roo-Code up to 3.23.18 command injection

CVE-2024-7485 | Traffic Manager Plugin up to 1.4.5 on WordPress cross site scripting