Cyber Resilience

CVE-2026-5350

Severity: High · Public PoC

Published: 02 April 2026
Modified: 07 April 2026
KEV Added: not listed
Patch: none available
CVSS v4.0 Score: 7.4 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0081 (52.3rd percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-5350 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Trendnet TEW-657BRM firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 47.7% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-5350 is a stack-based buffer overflow vulnerability (CWE-119, CWE-121) affecting the Trendnet TEW-657BRM router on firmware version 1.00.1. The flaw resides in the update_pcdb function of the /setup.cgi file, where manipulation of the mac_pc_dba argument triggers the overflow.

The vulnerability can be exploited remotely by an attacker with low privileges, such as an authenticated user, with low attack complexity and no user interaction required. Successful exploitation has high confidentiality, integrity, and availability impact (CVSS v3.1 base score 8.8: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and may allow arbitrary code execution. A public exploit has been released and may be used for attacks.

Vendor advisories indicate that no patch or support is available, as the TEW-657BRM reached end-of-life on June 23, 2011, over 14 years ago. The vendor cannot confirm the vulnerabilities because the product is unsupported, but plans to announce details on its website's product support page and to notify registered customers. The issue affects only discontinued, unsupported products.

The public availability of an exploit raises the risk for any remaining deployments of this obsolete router.

EU & UK References

Vulnerability details

A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function update_pcdb of the file /setup.cgi. The manipulation of the argument mac_pc_dba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor confirms that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The stack-based buffer overflow in the router's public web CGI interface (/setup.cgi) enables remote authenticated attackers to achieve arbitrary code execution on an internet-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-5349 · Same product: Trendnet TEW-657BRM
CVE-2026-5354 · Same product: Trendnet TEW-657BRM
CVE-2026-5355 · Same product: Trendnet TEW-657BRM
CVE-2026-5351 · Same product: Trendnet TEW-657BRM
CVE-2026-5353 · Same product: Trendnet TEW-657BRM
CVE-2026-5352 · Same product: Trendnet TEW-657BRM
CVE-2026-7607 · Same vendor: Trendnet
CVE-2026-9428 · Shared CWE-119, CWE-121
CVE-2024-46484 · Same vendor: Trendnet
CVE-2026-2886 · Shared CWE-119, CWE-121

Affected Assets

trendnet
tew-657brm firmware
1.00.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

prevent · SA-22 Unsupported System Components
Directly prohibits the use of unsupported system components such as this EOL router, for which no patch is available.

prevent · SI-2 Flaw Remediation
Requires identification and remediation of flaws, which for an unpatchable EOL system vulnerable to this buffer overflow means removal or replacement.

detect
Vulnerability scanning detects deployments of this EOL router firmware affected by the stack-based buffer overflow.

References