PT-2026-57525 · Trendnet · Tew-635Brm
Jfkk
·
Published
2026-07-12
·
Updated
2026-07-12
·
CVE-2026-15481
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Trendnet TEW-635BRM versions prior to 1.00.04
Description
A flaw in the IPoA WAN Connection Setup component allows remote command injection. The issue exists within the
ipoa test() function located in the /sbin/rc file. An attacker can trigger this by manipulating the ipoa ipaddr argument.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Special Elements Injection
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tew-635Brm