Skip to content
CVSS 8.8 · HIGH

CVE-2026-7607

A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Udpate. The manipulation of the argument str leads to buffer overflow. The attack may be initiated remotely. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.

View on NVD

Analysis

This vulnerability affects legacy firmware for a TRENDnet access point that has been end-of-life for eight years. It is a vendor-specific hardware issue that does not impact modern software development stacks, Linux servers, or common developer tooling.

Severity

Score: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-119CWE-120

EPSS

Probability of exploitation (next 30 days): 0.0004 (0.0%)
Percentile: 12.3%
EPSS: 2026-05-06

Affects

trendnet:tew-821dap_firmwaretrendnet:tew-821dap

Technical description

A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Udpate. The manipulation of the argument str leads to buffer overflow. The attack may be initiated remotely. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.

Published: 5/2/2026, 8:16:28 AM
Last modified: 5/6/2026, 8:23:57 PM

References

HomeEventsBlogResourcesTeam