CVE-2026-5352
OS Command Injection in Trendnet TEW-657BRM /setup.cgi (Discontinued

Publication date: 2026-04-02

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdb_list leads to OS command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor confirms that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Meta Information
Published: 2026-04-02
Last Modified: 2026-04-29
Generated: 2026-05-06
AI Q&A: 2026-04-02
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor | Product | Version / Range
trendnet | tew-657brm_firmware | 1.00.1
CWE ID | Description
CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-5352 is a remote OS command injection vulnerability in the Trendnet TEW-657BRM router, version 1.00.1. It occurs in the setup.cgi script, specifically in the handling of the "pcdb_list" parameter. This parameter is taken from user input and passed directly to a system call without any validation or sanitization, allowing an attacker to inject arbitrary operating system commands remotely.

The attack can be performed by sending a specially crafted POST request to /setup.cgi with a malicious "pcdb_list" value. Although the attacker needs to authenticate with admin credentials, the vulnerability enables execution of arbitrary commands on the device.


How can this vulnerability impact me?

This vulnerability allows an authenticated remote attacker to execute arbitrary operating system commands on the affected Trendnet TEW-657BRM device. This can lead to unauthorized control over the device, potentially allowing the attacker to manipulate device settings, access sensitive information, disrupt network operations, or use the device as a foothold for further attacks within the network.

However, it is important to note that the affected product has been discontinued and unsupported since June 23, 2011, which means no official patches or support are available to mitigate this risk.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to exploit the command injection flaw in the /setup.cgi endpoint using the pcdb_list parameter. Since the vulnerability requires authentication, you need valid admin credentials to test it.

A detection method involves sending a crafted POST request to /setup.cgi with a malicious pcdb_list parameter that injects an OS command. For example, injecting the command "; /bin/ls>/2.txt #" will execute the ls command and write the output to a file named 2.txt on the device.

If you have access to the device, you can check for the presence of the 2.txt file or similar artifacts created by injected commands.

Example command using curl to test the vulnerability (replace admin:password with valid credentials and device_ip with the router's IP):

  • curl -X POST -u admin:password -d "pcdb_list=; /bin/ls>/2.txt #" http://device_ip/setup.cgi

What immediate steps should I take to mitigate this vulnerability?

The affected product, Trendnet TEW-657BRM 1.00.1, was discontinued and has been unsupported since June 23, 2011. Therefore, no official patches or updates are available to fix this vulnerability.

Immediate mitigation steps include:

  • Restrict access to the device's management interface to trusted networks only.
  • Disable remote management if it is enabled to prevent remote exploitation.
  • Change default or weak admin credentials to strong, unique passwords to reduce the risk of unauthorized access.
  • Monitor network traffic for suspicious POST requests to /setup.cgi with unusual parameters.

Ultimately, consider replacing the device with a supported and updated model to ensure security.
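
The monitoring step above, as an added example (not part of the original page or any vendor tooling): a Python check that decodes the form body of POST requests to /setup.cgi and flags pcdb_list values containing shell metacharacters. It assumes request bodies are available from a proxy or packet capture and that a legitimate pcdb_list value never contains these characters; the sample records and the other field name are constructed.

```python
import re
from urllib.parse import parse_qsl

# Characters a POSIX shell treats as separators, redirection, substitution or comments.
# Assumption: a legitimate pcdb_list value never contains any of them.
SHELL_META = re.compile(r"[;|&`$()<>#\r\n]")

def inspect_request(method, path, body):
    """Return findings for one captured request: decoded value plus metacharacters seen."""
    if method.upper() != "POST" or path.split("?", 1)[0] != "/setup.cgi":
        return []
    findings = []
    # parse_qsl percent-decodes, so "%3B" and "+" are checked as ";" and " ".
    # separator="&" keeps a raw ";" inside the value instead of splitting on it.
    for name, value in parse_qsl(body, keep_blank_values=True, separator="&"):
        if name == "pcdb_list":
            hits = sorted(set(SHELL_META.findall(value)))
            if hits:
                findings.append({"value": value, "metachars": hits})
    return findings

def scan(records):
    """Return (source, finding) pairs for every suspicious request in a capture."""
    alerts = []
    for src, method, path, body in records:
        for finding in inspect_request(method, path, body):
            alerts.append((src, finding))
    return alerts

# Constructed sample capture (source IP, method, path, form body); not real traffic.
SAMPLE = [
    ("192.0.2.10", "POST", "/setup.cgi", "field=1&pcdb_list=laptop1"),
    ("192.0.2.66", "POST", "/setup.cgi", "pcdb_list=; /bin/ls>/2.txt #"),
    ("192.0.2.66", "POST", "/setup.cgi", "pcdb_list=%3B+%2Fbin%2Fls%3E%2F2.txt+%23"),
    ("192.0.2.10", "GET", "/setup.cgi", ""),
]

if __name__ == "__main__":
    for src, finding in scan(SAMPLE):
        print(src, repr(finding["value"]), "".join(finding["metachars"]))
```

Both the raw and the percent-encoded form of the value quoted on this page are flagged, because the check runs on the decoded parameter rather than on the wire bytes.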

