TRENDnet TEW-657BRM Stack-Based Buffer Overflow Vulnerability

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the TRENDnet TEW-657BRM router, specifically in version 1.00.1. The issue arises in the 'update_pcdb' function of the '/setup.cgi' file, where the 'mac_pc_dba' parameter is processed without proper validation. This flaw allows for remote exploitation, and a public proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or a device crash.

Reproduction

The vulnerability can be reproduced by sending a crafted POST request to '/setup.cgi' that includes a 'mac_pc_dba' parameter. This parameter should be filled with a payload that exceeds the buffer size, causing a stack-based buffer overflow.

Added: Apr 2, 2026, 6:10 PM
Updated: Apr 2, 2026, 6:10 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 8.7
remediation: 0.0
relevance: 5.1
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.