Primary

Context

TRENDnet TEW-657BRM Authenticated Remote OS Command Injection Vulnerability

Vulnerability

An authenticated remote OS command injection vulnerability has been identified in the TRENDnet TEW-657BRM router, specifically in the setup.cgi binary. This vulnerability allows attackers to execute arbitrary commands with root privileges by exploiting certain HTTP parameters. The issue affects firmware version 1.00.1.

Impact

Exploitation of this vulnerability allows for authenticated remote OS command injection, with executed commands running with root privileges.

Reproduction

To reproduce this vulnerability, send an HTTP POST request to the router's setup.cgi endpoint. Include the 'command' parameter with the desired shell command, and set the 'todo' parameter to 'system_command' and the 'next_file' parameter to 'system_command.htm'. The request must be authenticated.

Added: Nov 26, 2025, 9:16 PM

Updated: Nov 26, 2025, 9:16 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

1.1

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

1.1

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TRENDnet TEW-657BRM Authenticated Remote OS Command Injection Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating