Buffer Overflow in TRENDnet TEW-432BRP Affects Network Security
CVE-2026-10159

8.7HIGH

Key Information:

Vendor

Trendnet

Vendor
CVE Published:
31 May 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-10159?

A vulnerability has been discovered in the TRENDnet TEW-432BRP router, specifically within the formSysLog function located in the /goform/formSysLog file. This flaw arises from improper handling of the 'current_page' argument, resulting in a stack-based buffer overflow. Attackers can exploit this vulnerability remotely, potentially allowing unauthorized access and control over the device. It is important to note that the manufacturer has declared this product End of Life (EOL) as of 2009, which means it no longer receives updates or support, making it highly susceptible to this and other vulnerabilities.

Affected Version(s)

TEW-432BRP 3.10B20

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

pjq_Buoy (VulDB User)
VulDB CNA Team
.