VYPR

Tew 657brm Firmware

by Trendnet

CVEs (8)

  • CVE-2026-5350HigApr 2, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function update_pcdb of the file /setup.cgi. The manipulation of the argument mac_pc_dba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has…

  • CVE-2026-5349HigApr 2, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add_apcdb of the file /setup.cgi. The manipulation of the argument mac_pc_dba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly…

  • CVE-2026-5355MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpn_drop of the file /setup.cgi. The manipulation of the argument policy_name leads to os command injection. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2026-5354MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.05

    A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn_connect of the file /setup.cgi. Executing a manipulation of the argument policy_name can lead to os command injection. The attack can be executed remotely. The exploit has…

  • CVE-2026-5353MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function ping_test of the file /setup.cgi. Performing a manipulation of the argument c4_IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public…

  • CVE-2026-5352MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.04

    A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdb_list leads to os command injection. The attack may be launched remotely. The exploit has been disclosed…

  • CVE-2026-5351MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.04

    A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function add_wps_client of the file /setup.cgi. This manipulation of the argument wl_enrolee_pin causes os command injection. The attack may be initiated remotely. The exploit has been made available…

  • CVE-2025-65202Nov 26, 2025
    risk 0.00cvss epss 0.07

    TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "next_file," which allows an attacker to execute arbitrary commands with root privileges.