Tew 432Brp Firmware
Monthly
Stack-based buffer overflow in TRENDnet TEW-432BRP firmware 3.10B20 allows a low-privileged remote attacker to corrupt memory via a manipulated `special_name` argument submitted to the `/goform/formSetPortTr` endpoint. The affected device reached end-of-life in 2009, and the vendor has explicitly declined to issue a patch, meaning no fix will ever be released. Publicly available exploit code exists (E:P per CVSS 4.0 vector), raising the practical risk for any deployment where this device remains internet-accessible or reachable by untrusted users.
Stack-based buffer overflow in TRENDnet TEW-432BRP firmware 3.10B20 allows a low-privileged remote attacker to corrupt memory via a manipulated `special_name` argument submitted to the `/goform/formSetPortTr` endpoint. The affected device reached end-of-life in 2009, and the vendor has explicitly declined to issue a patch, meaning no fix will ever be released. Publicly available exploit code exists (E:P per CVSS 4.0 vector), raising the practical risk for any deployment where this device remains internet-accessible or reachable by untrusted users.