Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 12 Jul 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Trendnet tew-821dap
|
|
| Vendors & Products |
Trendnet tew-821dap
|
Sun, 12 Jul 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub_43F2C4 of the file /goform/tools_nslookup of the component DNS Lookup Handler. This manipulation of the argument nslookup_target/dns_server causes os command injection. The attack can be initiated remotely. The vendor explains: "We are unable to confirm the existence of the vulnerabilities for (...) TEW-821DAP (v1.0R) as these items have been EOL. " This vulnerability only affects products that are no longer supported by the maintainer. | |
| Title | TRENDnet TEW-821DAP DNS Lookup tools_nslookup sub_43F2C4 os command injection | |
| First Time appeared |
Trendnet
Trendnet tew-821dap Firmware |
|
| Weaknesses | CWE-77 CWE-78 |
|
| CPEs | cpe:2.3:o:trendnet:tew-821dap_firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Trendnet
Trendnet tew-821dap Firmware |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-12T07:00:17.966Z
Reserved: 2026-07-11T10:12:21.398Z
Link: CVE-2026-15485
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-12T08:30:04Z