CVE-2026-5351

medium

A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function add_wps_client of the file /setup.cgi. This manipulation of the argument wl_enrolee_pin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.

6.3

cvss medium

common vulnerability scoring system v3.1. measures intrinsic severity on a 0-10 scale.

epss 0.0084

exploitation prediction scoring system. probability this vulnerability will be exploited in the wild in the next 30 days.

kev no

cisa known exploited vulnerabilities catalog. confirmed active exploitation.

CVSS 4.0 Common Vulnerability Scoring System v4.0

5.3 / 10

MEDIUM

exploitability

Attack Vector

Network

Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.

Attack Complexity

Low

Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.

Attack Requirements

None

Attack Requirements (AT:N): no special deployment or execution conditions needed.

Privileges Required

Low

Privileges Required (PR:L): requires basic user-level access.

User Interaction

None

User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.

vulnerable system impact

Vuln Confidentiality

Low

Confidentiality (VC:L): limited data exposure. some restricted information can be read.

Vuln Integrity

Low

Integrity (VI:L): limited data modification. some data can be altered.

Vuln Availability

Low

Availability (VA:L): reduced performance or partial service interruption.

subsequent system impact

Sub Confidentiality

None

Subsequent Confidentiality: impact on data confidentiality of downstream/connected systems. Value: N (None)

Sub Integrity

None

Subsequent Integrity: impact on data integrity of downstream/connected systems. Value: N (None)

Sub Availability

None

Subsequent Availability: impact on service availability of downstream/connected systems. Value: N (None)

supplemental

exploit maturity: poc Exploit Maturity: has a functional exploit been observed? Attacked = actively exploited. PoC = proof-of-concept exists. Unreported = no known exploit.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

CVSS 3.1 Common Vulnerability Scoring System v3.1

6.3 / 10

MEDIUM

exploitability

Attack Vector

Network

Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.

Attack Complexity

Low

Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.

Privileges Required

Low

Privileges Required (PR:L): requires basic user-level access.

User Interaction

None

User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.

impact

Scope

Unchanged

Scope (S:U): impact limited to the vulnerable component.

Confidentiality

Low

Confidentiality (C:L): limited data exposure. some restricted information can be read.

Integrity

Low

Integrity (I:L): limited data modification. some data can be altered.

Availability

Low

Availability (A:L): reduced performance or partial service interruption.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

CVSS 3.0 Common Vulnerability Scoring System v3.0

6.3 / 10

MEDIUM

exploitability

Attack Vector

Network

Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.

Attack Complexity

Low

Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.

Privileges Required

Low

Privileges Required (PR:L): requires basic user-level access.

User Interaction

None

User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.

impact

Scope

Unchanged

Scope (S:U): impact limited to the vulnerable component.

Confidentiality

Low

Confidentiality (C:L): limited data exposure. some restricted information can be read.

Integrity

Low

Integrity (I:L): limited data modification. some data can be altered.

Availability

Low

Availability (A:L): reduced performance or partial service interruption.

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

exploitation detection attribution advisories media timeline

activity density

rdintel assessment

composite score from 15+ signals including exploitation status, epss probability, detection coverage, and community attention. 0-100 scale.

exploitation

actively exploited

Vendor - Product Name

Apply vendor-provided patches

poc repositories (3)

researcher/exploit-poc - 42 stars - Python

security-lab/cve-checker - 18 stars - Go

detection

nuclei-template-id - critical - by projectdiscovery

sigma-rule-title - high - windows

timeline

2024-01-15 - published - CVE record created

2024-01-18 - poc - First exploit code published

2024-01-20 - kev - Added to known exploited

pocs, detection rules, timeline, advisories, and more