CVE-2026-10119: Stack-based Buffer Overflow in TRENDnet TEW-432BRP
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filter_name leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
AI Analysis
Technical Summary
The TRENDnet TEW-432BRP router firmware version 3.10B20 contains a stack-based buffer overflow vulnerability in the formSetMACFilter function located at /goform/formSetMACFilter. The vulnerability arises from improper validation of the filter_name argument, allowing an attacker to overflow the stack buffer remotely. This can lead to potential code execution or denial of service. The vulnerability is publicly disclosed and has a CVSS 4.0 base score of 8.7, indicating high severity. The product is no longer supported by TRENDnet, which has explicitly stated they will not issue a fix due to the device being EOL since 2009. No patches or vendor mitigations exist.
Potential Impact
Successful exploitation of this vulnerability can lead to remote code execution or denial of service on the affected device. Given the high CVSS score and the nature of a stack-based buffer overflow, attackers could potentially take control of the device remotely. However, the impact is limited to devices running the unsupported TEW-432BRP firmware version 3.10B20. There are no known exploits in the wild at this time.
Mitigation Recommendations
No official fix or patch is available from TRENDnet as the product has been end-of-life since 2009 and the vendor does not support it anymore. Users should consider replacing the affected device with a supported model to mitigate risk. Network-level protections such as firewall rules to restrict access to the device's management interface may reduce exposure but do not eliminate the vulnerability.
CVE-2026-10119: Stack-based Buffer Overflow in TRENDnet TEW-432BRP
Description
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filter_name leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
CVSS v4.0
Score 8.7high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The TRENDnet TEW-432BRP router firmware version 3.10B20 contains a stack-based buffer overflow vulnerability in the formSetMACFilter function located at /goform/formSetMACFilter. The vulnerability arises from improper validation of the filter_name argument, allowing an attacker to overflow the stack buffer remotely. This can lead to potential code execution or denial of service. The vulnerability is publicly disclosed and has a CVSS 4.0 base score of 8.7, indicating high severity. The product is no longer supported by TRENDnet, which has explicitly stated they will not issue a fix due to the device being EOL since 2009. No patches or vendor mitigations exist.
Potential Impact
Successful exploitation of this vulnerability can lead to remote code execution or denial of service on the affected device. Given the high CVSS score and the nature of a stack-based buffer overflow, attackers could potentially take control of the device remotely. However, the impact is limited to devices running the unsupported TEW-432BRP firmware version 3.10B20. There are no known exploits in the wild at this time.
Mitigation Recommendations
No official fix or patch is available from TRENDnet as the product has been end-of-life since 2009 and the vendor does not support it anymore. Users should consider replacing the affected device with a supported model to mitigate risk. Network-level protections such as firewall rules to restrict access to the device's management interface may reduce exposure but do not eliminate the vulnerability.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-29T17:19:19.054Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1aeab3e29bf47b503358e8
Added to database: 5/30/2026, 1:48:35 PM
Last enriched: 5/30/2026, 2:03:29 PM
Last updated: 5/31/2026, 4:56:22 AM
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.