CVE-2025-65202 | THREATINT

Description

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "next_file," which allows an attacker to execute arbitrary commands with root privileges.

PUBLISHED Reserved 2025-11-18 | Published 2025-11-26 | Updated 2025-11-26 | Assigner mitre

References

github.com/WhereisRain/TEW-657BRM

cve.org (CVE-2025-65202)

nvd.nist.gov (CVE-2025-65202)

Download JSON