A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platform_do_upgrade_cameo_dev of the file cameo_dev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.
References
| Link | Resource |
|---|---|
| https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_Inte.md | Exploit Third Party Advisory |
| https://vuldb.com/submit/806218 | Third Party Advisory VDB Entry |
| https://vuldb.com/vuln/360568 | Third Party Advisory VDB Entry |
| https://vuldb.com/vuln/360568/cti | Permissions Required VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
History
06 May 2026, 20:26
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:trendnet:tew-821dap:1.0r:*:*:*:*:*:*:* cpe:2.3:o:trendnet:tew-821dap_firmware:1.12b01:*:*:*:*:*:*:* |
|
| References | () https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_Inte.md - Exploit, Third Party Advisory | |
| References | () https://vuldb.com/submit/806218 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/vuln/360568 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/vuln/360568/cti - Permissions Required, VDB Entry | |
| First Time |
Trendnet
Trendnet tew-821dap Firmware Trendnet tew-821dap |
02 May 2026, 10:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-02 10:16
Updated : 2026-06-17 11:02
NVD link : CVE-2026-7611
Mitre link : CVE-2026-7611
CVE.ORG link : CVE-2026-7611
JSON object : View
Products Affected
trendnet
- tew-821dap_firmware
- tew-821dap
CWE
CWE-345
Insufficient Verification of Data Authenticity
