Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function tools_diagnostic. The manipulation results in os command injection. The exploit is now public and may be used. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
OS command injection in TRENDnet TEW-821DAP up to firmware version 1.12B01 allows authenticated local attackers to execute arbitrary commands via the tools_diagnostic function. The vulnerability affects only end-of-life hardware (v1.xR) discontinued 8 years ago and no longer receiving vendor support. Exploit code is publicly available, but real-world risk is severely constrained by the authentication requirement (PR:L), local network access (AV:A), and the product's obsolete status with no active install base.
Technical ContextAI
The vulnerability resides in the tools_diagnostic function within the TRENDnet TEW-821DAP wireless access point firmware. CWE-78 identifies this as a classic OS command injection flaw where user-supplied input is passed unsanitized to a shell command interpreter. The attack vector is adjacent (AV:A), meaning an attacker must be on the same network segment as the device. The affected CPE cpe:2.3:a:trendnet:tew-821dap:*:*:*:*:*:*:*:* indicates all versions up to 1.12B01 are vulnerable. The function likely constructs system commands dynamically from diagnostic parameters without proper input validation or escaping, allowing injection of pipe (|), semicolon (;), or backtick (`) characters to chain arbitrary commands.
RemediationAI
No vendor-released patch is available - TRENDnet confirmed the affected hardware (v1.xR) reached end-of-life status 8 years ago and is no longer supported. Organizations operating these devices should prioritize decommissioning and replacement with current-generation TRENDnet or alternative wireless access points. Interim compensating controls for devices that cannot be immediately retired include: (1) Restrict network access to the management interface by configuring host-based firewall rules or network segmentation - block inbound connections to the management port (typically HTTP/HTTPS, port 80/443) except from authorized administrative subnets; (2) Change default or weak administrative credentials to strong, unique passwords and disable remote management features if supported; (3) Physically isolate the device on a dedicated VLAN with restricted ingress/egress rules, preventing lateral movement from compromised client devices. Note these controls do not eliminate the vulnerability but reduce the likelihood of exploitation by authenticated attackers with network adjacency.
More in Tew 821Dap
View allBuffer overflow in the TRENDnet TEW-821DAP (firmware 1.12B01) wireless access point lets an authenticated remote attacke
Buffer overflow in the TRENDnet TEW-821DAP (v1.0R, firmware 1.12B01) dual-band access point lets an authenticated remote
Remote authenticated attackers can execute arbitrary code on TRENDnet TEW-821DAP v1.xR hardware running firmware 1.12B01
Insufficient verification of firmware authenticity in TRENDnet TEW-821DAP up to version 1.12B01 allows remote attackers
Insufficient verification of data authenticity in the firmware update handler of TRENDnet TEW-821DAP 1.12B01 allows remo
OS command injection in TRENDnet TEW-821DAP firmware up to version 1.12B01 allows authenticated remote attackers to exec
OS command injection in TRENDnet TEW-821DAP firmware 1.11B03 allows a network-adjacent authenticated attacker to execute
OS command injection in the TRENDnet TEW-821DAP 1.11B03 wireless access point allows authenticated remote attackers to e
TRENDnet TEW-821DAP firmware version 1.12B01 transmits sensitive information in cleartext via the /www/cgi/ssi endpoint
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26767