Description
A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn_connect of the file /setup.cgi. Executing a manipulation of the argument policy_name can lead to OS command injection. The attack can be executed remotely. The exploit has been published and may be used. The vendor confirms that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-04-02
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Replace Device
AI Analysis

Impact

The vulnerability lies in the vpn_connect handler of the setup.cgi script on the Trendnet TEW‑657BRM. By manipulating the policy_name argument an attacker can execute arbitrary OS commands on the device, which effectively grants remote code execution. The flaw is a classic OS command injection, matching CWE‑77 and CWE‑78, and allows a remote adversary to compromise the router’s confidentiality, integrity, and availability.

Affected Systems

The affected device is the Trendnet TEW‑657BRM running firmware 1.00.1. This model was discontinued and reached end‑of‑life in 2011, and the vendor no longer provides support or updates for it.

Risk and Exploitability

The CVSS score of 5.3 places the issue in the medium severity range, while the EPSS of under 1% indicates a low probability of exploitation in the wild. The CVSS vectors listed on this page describe a network attack vector with low complexity and low privileges required (PR:L, or Au:S in CVSS v2), so the attacker needs an authenticated session on the device. The vulnerability is not listed in the CISA KEV catalog, yet a published exploit exists, so the flaw can be triggered over a remote connection. Because the device is unsupported, patching is impossible, leaving the risk largely unmitigated unless the device is removed from or isolated within the network.

Generated by OpenCVE AI on April 7, 2026 at 23:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Replace the Trendnet TEW‑657BRM with a supported, up‑to‑date router that receives security updates.
  • If immediate replacement is not feasible, isolate the device from critical network segments and restrict management access to trusted internal sources only.
  • Block external access to the router’s management interfaces (HTTP/HTTPS) using a firewall or ACL.
  • Disable or remove the vpn_connect feature if it is not required for operation.
  • Monitor network traffic for unusual SSH/HTTP activity originating from the device and review logs for signs of exploitation attempts.
  • Keep the device’s firmware at the latest available version (1.00.1), even though it is end‑of‑life, to maintain a known baseline configuration. Firmware 1.00.1 is itself the affected version, so this does not remove the flaw.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:h:trendnet:tew-657brm:-:*:*:*:*:*:*:*
cpe:2.3:o:trendnet:tew-657brm_firmware:1.00.1:*:*:*:*:*:*:*

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Trendnet tew-657brm
Vendors & Products Trendnet tew-657brm

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn_connect of the file /setup.cgi. Executing a manipulation of the argument policy_name can lead to OS command injection. The attack can be executed remotely. The exploit has been published and may be used. The vendor confirms that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Title Trendnet TEW-657BRM setup.cgi vpn_connect os command injection
First Time appeared Trendnet
Trendnet tew-657brm Firmware
Weaknesses CWE-77
CWE-78
CPEs cpe:2.3:o:trendnet:tew-657brm_firmware:*:*:*:*:*:*:*:*
Vendors & Products Trendnet
Trendnet tew-657brm Firmware
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-02T18:58:15.422Z

Reserved: 2026-04-01T16:47:18.384Z

Link: CVE-2026-5354

Vulnrichment

Updated: 2026-04-02T18:58:10.498Z

NVD

Status: Analyzed

Published: 2026-04-02T17:16:32.287

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-5354

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T19:55:32Z
