CVE-2026-7606

LOW 3.7

TRENDnet TEW-821DAP Firmware Update new_gui_update_firmware data authenticity

CVSS Score

3.7

EPSS Score

0.0%

EPSS Percentile

0th

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find_hwid/new_gui_update_firmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.

CWE	CWE-345
Vendor	trendnet
Product	tew-821dap
Published	May 2, 2026

Stay Ahead of the Next One

Get instant alerts for trendnet tew-821dap

Be the first to know when new low vulnerabilities affecting trendnet tew-821dap are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

TRENDnet / TEW-821DAP

1.12B01

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/360563 vuldb.com: https://vuldb.com/vuln/360563/cti vuldb.com: https://vuldb.com/submit/806213 github.com: https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_Auth.md

Credits

🔍 IOT_Res (VulDB User) VulDB CNA Team