CVE-2025-15471
Published: 07 January 2026
Summary
CVE-2025-15471 is a critical-severity Command Injection (CWE-77) vulnerability in Trendnet Tew-713Re Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 20.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Prohibits the use of unsupported and end-of-life system components like the TRENDnet TEW-713RE, preventing exposure to unpatchable vulnerabilities such as this OS command injection flaw.
Requires validation of information inputs like the SZCMD argument to directly prevent OS command injection exploitation.
Mandates identification and remediation of flaws like this command injection vulnerability, which for EOL products entails isolation, decommissioning, or replacement.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote OS command injection via public-facing web form directly enables T1190 (Exploit Public-Facing Application) for initial access and T1059.004 (Unix Shell) for arbitrary command execution on the embedded Linux device.
NVD Description
A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goformX/formFSrvX. The manipulation of the argument SZCMD results in os command injection. It is possible to launch the attack remotely. The exploit…
more
is now public and may be used. The vendor confirms: "The product in question TEW-731RE for CVE-2025-15471 has been discontinued and end of life since October 23, 2020. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on the website product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Deeper analysisAI
CVE-2025-15471 is an OS command injection vulnerability (CWE-77, CWE-78) in TRENDnet TEW-713RE version 1.02. The issue resides in an unknown function within the file /goformX/formFSrvX, where manipulation of the SZCMD argument enables arbitrary command execution. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its potential for high confidentiality, integrity, and availability impacts.
The vulnerability is exploitable remotely by unauthenticated attackers with network access, requiring low complexity and no user interaction. Successful exploitation allows attackers to inject and execute arbitrary operating system commands on the affected device, potentially leading to full compromise, data exfiltration, or further network pivoting.
Vendor advisories confirm that the product—identified as TEW-731RE in their statement—has been discontinued and reached end-of-life on October 23, 2020. No patches or support are available, and the vendor cannot verify the vulnerability but plans to post an announcement on the product support page and notify registered customers. This issue exclusively affects unsupported products.
The exploit is public and available for use, as noted in recent disclosures.
Details
- CWE(s)