CVE-2026-10062
Stack-Based Buffer Overflow in TRENDnet TEW-432BRP
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| trendnet | tew-432brp | 3.10b20 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-10062 is a stack-based buffer overflow vulnerability in the TRENDnet TEW-432BRP router, specifically in the function formSetRoute accessed via /goform/formSetRoute.
The vulnerability occurs because the 'ip' parameter in an HTTP POST request is copied directly into a local stack variable without proper input validation or length checks.
An attacker can exploit this by sending a specially crafted long string as the 'ip' value, which overwrites the function's return address, causing the router to crash and become unresponsive.
This vulnerability can be exploited remotely and is due to insufficient input sanitization in the parameter extraction process.
How can this vulnerability impact me? :
Exploitation of this vulnerability can cause the affected TRENDnet router to crash and become permanently unresponsive, disrupting network services.
This denial of service can interrupt internet connectivity or internal network operations, potentially affecting business continuity or personal network usage.
Since the device is no longer supported and cannot be patched, the risk remains unless the device is replaced.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a crafted HTTP POST request to the /goform/formSetRoute endpoint with an abnormally long string in the 'ip' parameter. If the device crashes or becomes unresponsive after this request, it indicates the presence of the buffer overflow vulnerability.
A simple detection command using curl could be:
- curl -X POST http://[router_ip]/goform/formSetRoute -d "ip=$(python3 -c 'print("a"*500)')&mask=255.255.255.0&gateway=192.168.0.1"
If the router crashes or stops responding after this command, it confirms the vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Since the affected TRENDnet TEW-432BRP device has been end-of-life for 15 years and no patches or fixes are available, immediate mitigation steps include:
- Remove or isolate the vulnerable device from the network to prevent remote exploitation.
- Replace the device with a supported and updated router model that receives security patches.
- If replacement is not immediately possible, restrict access to the device's management interface by limiting IP addresses that can reach it or disabling remote management.