Skip to main content

Tew 657Brm EUVDEUVD-2026-18406

| CVE-2026-5352 LOW
OS Command Injection (CWE-78)
2026-04-02 VulDB
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Severity Changed
Apr 29, 2026 - 01:11 NVD
MEDIUM LOW
CVSS changed
Apr 29, 2026 - 01:11 NVD
5.3 (MEDIUM) 2.1 (LOW)
PoC Detected
Apr 07, 2026 - 17:21 vuln.today
Public exploit code
EUVD ID Assigned
Apr 02, 2026 - 16:30 euvd
EUVD-2026-18406
Analysis Generated
Apr 02, 2026 - 16:30 vuln.today
CVE Published
Apr 02, 2026 - 16:00 nvd
MEDIUM 5.3

DescriptionCVE.org

A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdb_list leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Remote code execution via OS command injection in TrendNet TEW-657BRM 1.00.1 allows authenticated attackers to execute arbitrary commands through the pcdb_list parameter in /setup.cgi. The affected device has been end-of-life since June 2011 with no vendor support; publicly available exploit code exists but real-world impact is limited to legacy, unsupported hardware.

Technical ContextAI

The vulnerability resides in the /setup.cgi web interface of the TEW-657BRM wireless router, specifically in the 'Edit' function's handling of the pcdb_list argument. The underlying issue is CWE-78 (Improper Neutralization of Special Elements used in an OS Command), indicating that user-supplied input is passed unsanitized to operating system command execution routines. The CPE cpe:2.3:a:trendnet:tew-657brm identifies all versions of this specific device model; the documented affected version is 1.00.1. The attack leverages the router's web management interface, which presumably accepts configuration parameters and executes them within a shell context without proper input validation or escaping.

RemediationAI

No vendor patch is available; TrendNet explicitly stated the product is discontinued and end-of-life with no support provided. Organizations still operating this device should immediately retire and replace it with a modern, supported wireless router or network security appliance. If immediate replacement is not feasible, restrict web management access (/setup.cgi) to trusted internal IP addresses only via firewall rules, disable remote access to the device's web interface, and ensure strong, unique credentials are set if local access is required. Consult TrendNet's product support page (referenced in their advisory) for migration guidance. For reference, see VulDB entry https://vuldb.com/vuln/354705.

Share

EUVD-2026-18406 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy