Unpatched command injection flaw reported in Trendnet TEW-713RE extenders
Take action: If you are using TEW-713RE range extenders, make sure they are isolated from the internet and accessible from trusted networks only. Since Trendnet has not released a fix, plan a replacement with supported hardware.
Trendnet TEW-713RE wireless range extenders are reported to have a critical security flaw that lets attackers take full control of the hardware.
The flaw, tracked as CVE-2025-15471 (CVSS score 9.8), is caused by the device's web management interface handling system commands without authentication. The formFSrvX part of the goformX management tool uses a parameter called SZCMD to pass raw commands directly to the system. The device runs these commands with root privileges without checking who sent them.
To exploit the flaw, an attacker sends a simple web request to the /goformX/formFSrvX page. By putting a command in the SZCMD parameter, the attacker forces the device to run their code. This lets them:
- Run any shell commands
- Get root access to all files
- Watch or change network traffic
- Set up permanent backdoors like Telnet
The flaw affects Trendnet TEW-713RE firmware version 1.02. A proof-of-concept (PoC) exploit guide has already been published. Researchers told Trendnet about the issue, but the company has not fixed it or replied.
Users should isolate these devices from the public internet and from any networks where external users may gain access. If you must use the device, put it behind a firewall or VPN and plan to replace it with a supported model.
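One way to look for the request described above in web proxy or WAF logs, as an added example that is not from the original advisory or from Trendnet. The path and the SZCMD name come from the text; the log layout (combined-log style with an optional quoted request-body field), the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

# Endpoint and parameter named in the advisory, lower-cased for matching.
VULN_PATH = "/goformx/formfsrvx"
VULN_PARAM = "szcmd"

# Assumed log layout: combined-log style plus an optional quoted request body.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<body>[^"]*)")?')

def _has_param(encoded):
    """True if a urlencoded string carries SZCMD (any case, percent-decoded)."""
    return any(key.lower() == VULN_PARAM
               for key, _ in parse_qsl(encoded, keep_blank_values=True))

def classify(line):
    """Return a finding dict for a request to the vulnerable endpoint, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    raw_path, _, query = m["target"].partition("?")
    # Normalise before comparing: percent-decoding, duplicate slashes, case.
    path = re.sub(r"/+", "/", unquote(raw_path)).lower().rstrip("/")
    if path != VULN_PATH:
        return None
    has_cmd = _has_param(query) or _has_param(m["body"] or "")
    return {"src": m["src"], "time": m["ts"], "status": int(m["status"]),
            "severity": "high" if has_cmd else "review"}

def scan(lines):
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample lines (documentation IP ranges, placeholder values).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jan/2026:10:00:01 +0000] "GET /index.asp HTTP/1.1" 200 512',
    '198.51.100.7 - - [12/Jan/2026:10:00:05 +0000] '
    '"GET /goformX/formFSrvX?SZCMD=PLACEHOLDER HTTP/1.1" 200 0',
    '198.51.100.7 - - [12/Jan/2026:10:00:09 +0000] '
    '"POST /goformX/formFSrvX HTTP/1.1" 200 0 "SZCMD=PLACEHOLDER"',
    '203.0.113.4 - - [12/Jan/2026:10:01:00 +0000] '
    '"GET /goformX/formFSrvX HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A "review" finding means the endpoint was requested but no SZCMD was visible, which can simply mean the proxy does not log request bodies.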