Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filter_name leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Analysis (AI)
Stack-based buffer overflow in TRENDnet TEW-432BRP 3.10B20 router firmware allows authenticated remote attackers to corrupt memory via the filter_name parameter of the formSetMACFilter handler at /goform/formSetMACFilter, potentially leading to arbitrary code execution or device compromise. Publicly available exploit code exists (published via GitHub), and the vendor has explicitly stated they will not patch because the device reached end-of-life in 2009. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Attacker requires network reachability to the TEW-432BRP web management interface (typically TCP/80 on the LAN, or WAN if remote management is enabled) and valid low-privilege authenticated access to the management UI (CVSS PR:L) - in practice this means knowledge of the admin password, which on many deployed units remains the factory default. … |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H) indicates network-reachable, low-complexity exploitation requiring low privileges (PR:L) - meaning an authenticated session to the router's management interface is needed - with high confidentiality, integrity, and availability impact on the device itself (no scope change). … |
| Exploit Scenario | An attacker who has obtained or guessed administrator credentials to the router's web UI (often trivial on legacy SOHO devices with default passwords) sends a crafted HTTP POST to /goform/formSetMACFilter with an overlong filter_name value, overflowing the stack buffer to overwrite the saved return address and redirect execution to attacker-controlled shellcode or a ROP chain. A publicly available proof-of-concept is published on GitHub by researcher wudipjq, lowering the skill barrier; successful exploitation yields code execution on the router, enabling DNS hijacking, traffic interception, or pivoting into the LAN. |
| Remediation | No vendor-released patch identified at time of analysis, and the vendor has explicitly stated none will be produced because the TEW-432BRP has been EOL since 2009. … |
Recommended Action (AI)
Within 24 hours: Identify and isolate any TEW-432BRP units currently deployed; apply restrictive firewall rules to limit network access. …
EUVD-2026-33461
GHSA-6h97-47q2-q3f7