A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub_43F2C4 of the file /goform/tools_nslookup of the component DNS Lookup Handler. This manipulation of the argument nslookup_target/dns_server causes os command injection. The attack can be initiated remotely. The vendor explains: "We are unable to confirm the existence of the vulnerabilities for (...) TEW-821DAP (v1.0R) as these items have been EOL. " This vulnerability only affects products that are no longer supported by the maintainer.
Metrics
Affected Vendors & Products
References
History
Sun, 12 Jul 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Trendnet tew-821dap
|
|
| Vendors & Products |
Trendnet tew-821dap
|
Sun, 12 Jul 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub_43F2C4 of the file /goform/tools_nslookup of the component DNS Lookup Handler. This manipulation of the argument nslookup_target/dns_server causes os command injection. The attack can be initiated remotely. The vendor explains: "We are unable to confirm the existence of the vulnerabilities for (...) TEW-821DAP (v1.0R) as these items have been EOL. " This vulnerability only affects products that are no longer supported by the maintainer. | |
| Title | TRENDnet TEW-821DAP DNS Lookup tools_nslookup sub_43F2C4 os command injection | |
| First Time appeared |
Trendnet
Trendnet tew-821dap Firmware |
|
| Weaknesses | CWE-77 CWE-78 |
|
| CPEs | cpe:2.3:o:trendnet:tew-821dap_firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Trendnet
Trendnet tew-821dap Firmware |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-12T07:00:17.966Z
Reserved: 2026-07-11T10:12:21.398Z
Link: CVE-2026-15485
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-12T08:30:04Z