CVE-2026-10063
8.8 HIGHA vulnerability was identified in TRENDnet TEW-432BRP 3.10B20
Published: 2026-05-29 · Last updated: 2026-06-03
Severity and scoring
- CVSS
- 8.8 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-119, CWE-121
Affected products
| Vendor | Product |
|---|---|
| trendnet | tew-432brp_firmware |
Description
A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-based buffer overflow. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-10064 — A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20 (6.3 MEDIUM)
- CVE-2026-10062 — A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20 (8.8 HIGH)
- CVE-2026-10061 — A vulnerability was found in TRENDnet TEW-432BRP 3.10B20 (6.3 MEDIUM)
- CVE-2026-10060 — A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20 (6.3 MEDIUM)
Same CWE
- CVE-2026-7273 — A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allo... (8.8 HIGH)
- CVE-2025-55660 — A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of... (5.5 MEDIUM)
- CVE-2026-8356 — LibreOffice can import presentations in the legacy binary PPT format
- CVE-2026-12222 — A vulnerability was determined in Yealink SIP-T46U 108.86.0.118 (8.0 HIGH)
- CVE-2026-12221 — A vulnerability was found in Yealink SIP-T46U 108.86.0.118 (8.0 HIGH)