EUVD-2026-33312
GHSA-gp64-q6gp-h6g8
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
Command injection in TRENDnet TEW-432BRP firmware 3.10B20 allows network-reachable authenticated attackers to execute arbitrary OS commands by injecting shell metacharacters into the ip, mask, or gateway parameters of the formSetRoute CGI handler at /goform/formSetRoute. A public proof-of-concept exploit has been disclosed on GitHub. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to hold low-privilege authenticated access to the router's web management interface - the CVSS 4.0 vector specifies PR:L (low privileges required), confirming that unauthenticated exploitation is NOT supported by available data. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is moderate-to-elevated for any environment where this EOL device remains deployed, despite the anomalously low CVSS 4.0 score of 2.1. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained low-privilege credentials to the router's web management interface sends a crafted HTTP POST request to /goform/formSetRoute, embedding shell metacharacters (e.g., semicolons, backticks, or pipe characters) within the ip, mask, or gateway parameter values. The firmware's formSetRoute handler passes the unsanitized parameter directly into an OS command - such as a route configuration utility - executing attacker-controlled shell instructions with the firmware process's privilege level. … |
| Remediation | No vendor-released patch exists and none will ever be provided - TRENDnet has explicitly confirmed this product has been end-of-life since 2009 and cannot issue a fix. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today