CVE-2026-10064
6.3 MEDIUMA security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20
Published: 2026-05-29 · Last updated: 2026-06-03
Severity and scoring
- CVSS
- 6.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- CWE
- CWE-119, CWE-121
Affected products
| Vendor | Product |
|---|---|
| trendnet | tew-432brp_firmware |
Description
A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-10063 — A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20 (8.8 HIGH)
- CVE-2026-10062 — A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20 (8.8 HIGH)
- CVE-2026-10061 — A vulnerability was found in TRENDnet TEW-432BRP 3.10B20 (6.3 MEDIUM)
- CVE-2026-10060 — A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20 (6.3 MEDIUM)
Same CWE
- CVE-2026-7273 — A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allo... (8.8 HIGH)
- CVE-2025-55660 — A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of... (5.5 MEDIUM)
- CVE-2026-8356 — LibreOffice can import presentations in the legacy binary PPT format
- CVE-2026-12222 — A vulnerability was determined in Yealink SIP-T46U 108.86.0.118 (8.0 HIGH)
- CVE-2026-12221 — A vulnerability was found in Yealink SIP-T46U 108.86.0.118 (8.0 HIGH)