Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
CVE-2026-10159: TRENDnet TEW-432BRP Remote Code Execution via Log Form
CVE-2026-10159
Summary
Old versions of TRENDnet's TEW-432BRP router are vulnerable to a remote attack that could allow hackers to run malicious code. This is a concern because the router is no longer supported by the manufacturer, and they will not fix the issue. Users should consider replacing their outdated router to protect their network.
Original title
A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_pa...
Original description
A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 31 May 2026 · Updated: 1 Jun 2026 · First seen: 31 May 2026