CVE-2026-5350 identifies a critical stack-based buffer overflow vulnerability in the Trendnet TEW-657BRM wireless router firmware version 1.00.1. The vulnerability resides in the update_pcdb function of the /setup.cgi endpoint, where improper handling of the mac_pc_dba parameter allows an attacker to overflow the stack buffer. This flaw can be exploited remotely over the network without requiring authentication or user interaction, enabling potential arbitrary code execution with elevated privileges. The exploit has been publicly released, increasing the risk of active exploitation. However, the affected product was discontinued and reached end-of-life on June 23, 2011, meaning no official patches or vendor support are available. The CVSS 4.0 base score of 8.7 indicates high severity, with network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability. Due to the age and unsupported status of the device, organizations must consider hardware replacement or network segmentation as primary mitigation strategies. No official patches or updates are provided by Trendnet, and the vendor has announced they will notify registered customers via their support page. This vulnerability highlights risks associated with legacy, unsupported network infrastructure devices still in operational environments.

The vulnerability allows remote attackers to execute arbitrary code on affected Trendnet TEW-657BRM routers, potentially leading to full compromise of the device. This can result in unauthorized access to internal networks, interception or manipulation of network traffic, disruption of network availability, and pivoting to other connected systems. Since the device is a network router, exploitation could undermine network perimeter security, exposing sensitive organizational data and critical infrastructure. The lack of vendor support and patches increases the risk, as organizations cannot remediate the flaw through software updates. Continued use of this legacy device in production environments poses a significant security risk, especially in environments where network segmentation or compensating controls are absent. The public availability of exploit code further elevates the threat level, increasing the likelihood of exploitation by opportunistic attackers or advanced threat actors targeting outdated network equipment.

Given the absence of vendor patches due to end-of-life status, the primary mitigation is to immediately replace the Trendnet TEW-657BRM routers with modern, supported hardware that receives regular security updates. If replacement is not immediately feasible, organizations should isolate these devices from critical network segments, restrict management interface access to trusted administrators only, and implement strict network segmentation to limit potential lateral movement. Employ network intrusion detection/prevention systems (IDS/IPS) to monitor and block suspicious traffic targeting the /setup.cgi endpoint or unusual mac_pc_dba parameter usage. Disable remote management interfaces if not required, and enforce strong network access controls. Regularly audit network infrastructure to identify legacy or unsupported devices and prioritize their decommissioning. Maintain an asset inventory to avoid unknowingly operating vulnerable equipment. Finally, educate network administrators about the risks of unsupported devices and the importance of timely hardware lifecycle management.