Description
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument start_wizard leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-05-31
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack‑based buffer overflow (CWE‑119, CWE‑121) exists in the formSetEnableWizard function of the TRENDnet TEW‑432BRP firmware endpoint /goform/formSetEnableWizard, triggered by manipulating the start_wizard argument. The unchecked argument leads to unchecked buffer placement on the stack, allowing an attacker to corrupt program control flow and execute arbitrary code remotely. This can compromise the device and the network segment it controls.

Affected Systems

TRENDnet TEW‑432BRP model operating firmware version 3.10B20 is affected. The device is no longer supported, and no vendor patch is available.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, while the vulnerability is not in the CISA KEV catalog. Attacks can be launched remotely out of band, and the exploit is publicly disclosed. Because the product is out of support, the risk of exploitation remains high with no official mitigation from the vendor.

Generated by OpenCVE AI on May 31, 2026 at 03:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Isolate the TEW‑432BRP from all external networks or shut it down to eliminate remote access attempts.
  • Replace the device with a currently supported wireless access point that receives regular security updates.
  • Configure firewall or access‑control lists to block all management traffic to the device from non‑trusted networks.

Generated by OpenCVE AI on May 31, 2026 at 03:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 31 May 2026 02:30:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument start_wizard leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Title TRENDnet TEW-432BRP formSetEnableWizard stack-based overflow
First Time appeared Trendnet
Trendnet tew-432brp
Weaknesses CWE-119
CWE-121
CPEs cpe:2.3:a:trendnet:tew-432brp:*:*:*:*:*:*:*:*
Vendors & Products Trendnet
Trendnet tew-432brp
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Trendnet Tew-432brp
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-31T01:30:09.425Z

Reserved: 2026-05-30T07:00:29.298Z

Link: CVE-2026-10160

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-31T03:16:14.430

Modified: 2026-05-31T03:16:14.430

Link: CVE-2026-10160

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-31T05:00:11Z

Weaknesses