Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find_hwid/new_gui_update_firmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
Insufficient verification of data authenticity in the firmware update handler of TRENDnet TEW-821DAP 1.12B01 allows remote attackers to manipulate the dest argument during firmware updates, leading to integrity violations. The vulnerability requires high attack complexity and affects only end-of-life hardware (version 1.xR) discontinued 8 years ago. CVSS score is 3.7 (low) with integrity impact but no confidentiality or availability impact; no public exploit confirmed.
Technical ContextAI
The vulnerability resides in the find_hwid/new_gui_update_firmware component of the firmware update handler, a critical subsystem responsible for validating and applying firmware images to network devices. The flaw involves insufficient cryptographic verification (CWE-345) when processing the dest parameter, which likely controls the destination storage location or firmware image path during the update process. TRENDnet TEW-821DAP is a wireless access point/range extender that accepts firmware updates via network interface. The weakness allows attackers to bypass authenticity checks on firmware data, though the actual execution impact is limited by high attack complexity and the absence of confidentiality or availability breaches. The affected version 1.12B01 shipped exclusively with hardware revision 1.xR, a deprecated platform no longer maintained or sold.
RemediationAI
Vendor patch availability is confirmed per input data, though exact patched version number is not specified in available references. Users of the deprecated TRENDnet TEW-821DAP 1.xR hardware should obtain and apply the vendor-released patch through TRENDnet's support portal or GitHub repository (https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_Auth.md). Since the product is end-of-life, vendor support is limited; device replacement with current-generation TRENDnet access points is recommended for organizations requiring ongoing security updates and support. If immediate patching is impossible, disable remote firmware update functionality via device administration interface (if available) and restrict network access to the device's management port (typically TCP/80 or 443) using firewall rules to prevent remote firmware manipulation attempts. Note that disabling remote updates trades convenience for security and leaves the device vulnerable if physical access becomes available.
More in Tew 821Dap
View allBuffer overflow in the TRENDnet TEW-821DAP (firmware 1.12B01) wireless access point lets an authenticated remote attacke
Buffer overflow in the TRENDnet TEW-821DAP (v1.0R, firmware 1.12B01) dual-band access point lets an authenticated remote
Remote authenticated attackers can execute arbitrary code on TRENDnet TEW-821DAP v1.xR hardware running firmware 1.12B01
Insufficient verification of firmware authenticity in TRENDnet TEW-821DAP up to version 1.12B01 allows remote attackers
OS command injection in TRENDnet TEW-821DAP firmware up to version 1.12B01 allows authenticated remote attackers to exec
OS command injection in TRENDnet TEW-821DAP up to firmware version 1.12B01 allows authenticated local attackers to execu
OS command injection in TRENDnet TEW-821DAP firmware 1.11B03 allows a network-adjacent authenticated attacker to execute
OS command injection in the TRENDnet TEW-821DAP 1.11B03 wireless access point allows authenticated remote attackers to e
TRENDnet TEW-821DAP firmware version 1.12B01 transmits sensitive information in cleartext via the /www/cgi/ssi endpoint
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26760