Cyber Resilience

CVE-2026-7607

HighPublic PoC

Published: 02 May 2026

Published
02 May 2026
Modified
06 May 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0063 45.8th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-7607 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Trendnet Tew-821Dap Firmware. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 45.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2026-7607 is a buffer overflow vulnerability affecting the auto_update_firmware function within the Firmware Update component of TRENDnet TEW-821DAP firmware version 1.12B01. The issue arises from manipulation of the 'str' argument, classified under CWE-119 and CWE-120, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability can be exploited remotely by an attacker with low privileges (PR:L), requiring no user interaction. Successful exploitation enables high-impact consequences, including unauthorized access to confidential data, modification of system integrity, and denial of service through availability disruption, potentially leading to full remote code execution on the affected device.

Advisories indicate no patches or updates are available, as the vendor has end-of-life'd the product—specifically hardware version v1.xR—eight years ago and ceased sales. This vulnerability exclusively impacts unsupported devices, with mitigation limited to device replacement or network isolation; relevant details are documented in sources like the GitHub IOTRes repository and VULDB entries.

EU & UK References

Vulnerability details

A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Udpate. The manipulation of the argument str leads to buffer overflow. The attack may be initiated remotely. The vendor explains: "That…

more

firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Buffer overflow in public-facing firmware update component enables remote exploitation for code execution on network device.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7609Same product: Trendnet Tew-821Dap
CVE-2026-5350Same vendor: Trendnet
CVE-2026-5349Same vendor: Trendnet
CVE-2024-46484Same vendor: Trendnet
CVE-2026-6630Shared CWE-119, CWE-120
CVE-2026-7055Shared CWE-119, CWE-120
CVE-2026-1162Shared CWE-119, CWE-120
CVE-2025-12232Shared CWE-119, CWE-120
CVE-2025-15459Shared CWE-119, CWE-120
CVE-2025-7463Shared CWE-119, CWE-120

Affected Assets

trendnet
tew-821dap firmware
1.12b01

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires replacement, removal, or prohibition of unsupported system components like the EOL TRENDnet TEW-821DAP with no patches available.

prevent

Mandates risk-based flaw remediation for vulnerabilities like CVE-2026-7607, necessitating device replacement or isolation when patches are unavailable.

detect

Supports vulnerability scanning to identify buffer overflow flaws like CVE-2026-7607 in firmware, enabling timely remediation or isolation.

References