Stack-Based Buffer Overflow in TRENDnet TEW-432BRP Router
CVE-2026-10158
Key Information:
- Vendor
Trendnet
- Status
- Vendor
- CVE Published:
- 31 May 2026
Badges
What is CVE-2026-10158?
A security flaw has been identified in the TRENDnet TEW-432BRP router's formPortFw function. This vulnerability allows for a stack-based buffer overflow through manipulation of the server_name argument in the /goform/formPortFw file. As the flaw can be exploited remotely, it poses a significant risk. It is important to note that this product has been end-of-life (EOL) for 15 years, with the vendor stating they can no longer replicate or provide fixes for this vulnerability, thus leaving affected users without support or mitigation options.
Affected Version(s)
TEW-432BRP 3.10B20
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
