OS Command Injection in TRENDnet TEW-821DAP Firmware Update
CVE-2026-15486
5.3MEDIUM
What is CVE-2026-15486?
A remote exploitable OS command injection vulnerability has been identified in the firmware update handler of TRENDnet TEW-821DAP. This flaw allows attackers to manipulate function arguments related to hostname, username, or password, leading to unauthorized command execution on the device. It's important to note that this vulnerability impacts obsolete products for which vendor support has been discontinued, raising risks for users of these devices.
Affected Version(s)
TEW-821DAP 1.11B03
