Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability has been found in TRENDnet TEW-821DAP 1.12B01. This affects an unknown function of the file /www/cgi/ssi of the component Firmware Update. Such manipulation leads to cleartext transmission of sensitive information. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been disclosed to the public and may be used. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
TRENDnet TEW-821DAP firmware version 1.12B01 transmits sensitive information in cleartext via the /www/cgi/ssi endpoint during firmware updates, allowing remote unauthenticated attackers to intercept credentials or configuration data. The vulnerability affects end-of-life hardware (version v1.xR) discontinued 8 years ago and no longer supported by the vendor. Public exploit code is available, though the attack requires high complexity conditions to execute successfully.
Technical ContextAI
The vulnerability exists in the firmware update component of the TEW-821DAP wireless access point, specifically in the /www/cgi/ssi CGI script handler. The root cause (CWE-319: Cleartext Transmission of Sensitive Information) indicates that authentication credentials or sensitive configuration parameters transmitted during the firmware update process are not encrypted over the network. This legacy device likely uses HTTP without TLS or similar transport-layer security for administrative functions. The affected CPE indicates all versions of the TEW-821DAP firmware are potentially vulnerable, though the vendor confirms that only firmware 1.12B01 designed for hardware revision v1.xR exhibits this flaw.
RemediationAI
The vendor states a patch is available, though specific patched firmware versions are not identified in the provided data. Organizations still operating TRENDnet TEW-821DAP v1.xR hardware should contact TRENDnet support for available firmware updates, or migrate to currently supported access point hardware with modern security practices (TLS-encrypted management interfaces, recent firmware with security updates). If firmware updates cannot be applied due to lack of vendor support, implement compensating controls: restrict firmware update operations to isolated management networks with end-to-end encryption (VPN or console access only), disable remote management interfaces, and ensure firmware updates occur only over encrypted channels. The vendor's end-of-life status means no active security maintenance is expected, and continued use of this hardware poses cumulative security risk beyond this single vulnerability.
More in Tew 821Dap
View allBuffer overflow in the TRENDnet TEW-821DAP (firmware 1.12B01) wireless access point lets an authenticated remote attacke
Buffer overflow in the TRENDnet TEW-821DAP (v1.0R, firmware 1.12B01) dual-band access point lets an authenticated remote
Remote authenticated attackers can execute arbitrary code on TRENDnet TEW-821DAP v1.xR hardware running firmware 1.12B01
Insufficient verification of firmware authenticity in TRENDnet TEW-821DAP up to version 1.12B01 allows remote attackers
Insufficient verification of data authenticity in the firmware update handler of TRENDnet TEW-821DAP 1.12B01 allows remo
OS command injection in TRENDnet TEW-821DAP firmware up to version 1.12B01 allows authenticated remote attackers to exec
OS command injection in TRENDnet TEW-821DAP up to firmware version 1.12B01 allows authenticated local attackers to execu
OS command injection in TRENDnet TEW-821DAP firmware 1.11B03 allows a network-adjacent authenticated attacker to execute
OS command injection in the TRENDnet TEW-821DAP 1.11B03 wireless access point allows authenticated remote attackers to e
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26774