CVE-2026-7607:
A remotely exploitable buffer overflow vulnerability exists in the `auto_update_firmware` function of TRENDnet TEW-821DAP firmware version 1.12B01, allowing authenticated attackers to achieve full system compromise via manipulation of the `str` argument.
Score
A numerical rating that indicates how dangerous this vulnerability is.
8.8High- Published Date:May 2, 2026
- CISA KEV Date:*No Data*
- Industries Affected:20
Threat Predictions
- EPSS Score:0.0
- EPSS Percentile:12%
Exploitability
- Score:2.8
- Attack Vector:NETWORK
- Attack Complexity:LOW
- Privileges Required:LOW
- User Interaction:NONE
- Scope:UNCHANGED
Impact
- Score:5.9
- Confidentiality Impact:HIGH
- Integrity Impact:HIGH
- Availability Impact:HIGH
Description Preview
A remotely exploitable buffer overflow vulnerability exists in the `auto_update_firmware` function of TRENDnet TEW-821DAP firmware version 1.12B01, allowing authenticated attackers to achieve full system compromise via manipulation of the `str` argument.
Overview
CVE-2026-7607 affects the TRENDnet TEW-821DAP access point running firmware version 1.12B01 on hardware version v1.xR. The vulnerability is a buffer overflow in the `auto_update_firmware` function of the Firmware Update component, triggered by improper handling of the `str` argument. An authenticated remote attacker can exploit this flaw with low complexity and no user interaction, resulting in complete compromise of the device. TRENDnet has confirmed that the affected product reached end-of-life approximately eight years ago and no patch will be provided. This vulnerability is tagged as "unsupported-when-assigned," indicating the product was already out of support at the time of disclosure.
Remediation
- Because TRENDnet has officially declared the TEW-821DAP (hardware version v1.xR) end-of-life and will not release a firmware patch, no vendor-supported fix is available. Organizations are strongly advised to immediately decommission all affected devices and replace them with a currently supported access point that receives active security updates. If immediate replacement is not feasible, the risk can be partially mitigated by isolating the device from untrusted network segments, restricting management interface access to trusted IP addresses only via firewall or ACL rules, disabling remote administration features where possible, and monitoring for anomalous traffic to or from the device. These measures reduce but do not eliminate the risk, and hardware replacement remains the only definitive remediation.
References
- - [CVE-2026-7607 - NVD](https://nvd.nist.gov/vuln/detail/CVE-2026-7607)
- - [VulDB Entry 360564](https://vuldb.com/vuln/360564)
- - [VulDB CTI Entry 360564](https://vuldb.com/vuln/360564/cti)
- - [VulDB Submission 806214](https://vuldb.com/submit/806214)
- - [IOTRes GitHub - TRENDnet TEW-821DAP Buffer Overflow PoC](https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Trendnet/TEW-821DAP_BO.md)
- - [CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer](https://cwe.mitre.org/data/definitions/119.html)
- - [CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')](https://cwe.mitre.org/data/definitions/120.html)
Industries Affected
Below is a list of industries most commonly impacted or potentially at risk based on intelligence.
