CVE-2026-10120
Deferred Deferred - Pending Action
Stack-Based Buffer Overflow in TRENDnet TEW-432BRP

Publication date: 2026-05-30

Last updated on: 2026-06-01

Assigner: VulDB

Description
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewall_name results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-30
Last Modified
2026-06-01
Generated
2026-06-19
AI Q&A
2026-05-30
EPSS Evaluated
2026-06-18
NVD
CVE-2026-10120
EUVD
EUVD-2026-33462
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
trendnet tew-432brp 3.10b20
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-10120 is a stack-based buffer overflow vulnerability found in the TRENDnet TEW-432BRP router firmware, specifically in the function formSetFirewallRule accessed via the /goform/formSetFirewallRule endpoint.

The vulnerability occurs because the 'firewall_name' parameter is copied into a local stack variable without proper input validation or sanitization. An attacker can send a specially crafted POST request with an overly long string to overwrite the function's return address on the stack.

This causes the router to crash and become unresponsive, disrupting its services. The attack can be executed remotely.

Impact Analysis

This vulnerability can lead to a denial of service condition by crashing the affected TRENDnet router, making it unresponsive and disrupting network services.

Because the exploit is publicly available and can be triggered remotely with low complexity, attackers can easily exploit this flaw to interrupt your network connectivity.

Additionally, since the vulnerability allows overwriting the return address, it could potentially be leveraged for more advanced attacks, although the primary known impact is service disruption.

Detection Guidance

This vulnerability can be detected by sending a specially crafted POST request to the '/goform/formSetFirewallRule' endpoint with a long string in the 'firewall_name' parameter. If the device crashes or becomes unresponsive, it indicates the presence of the vulnerability.

A detection command example using curl would be:

  • curl -X POST -d "firewall_name=$(python3 -c 'print("a"*1000)')" http://<router-ip>/goform/formSetFirewallRule

If the router crashes or stops responding after this request, it confirms the vulnerability due to the stack-based buffer overflow caused by the long 'firewall_name' input.

Mitigation Strategies

Since the affected TRENDnet TEW-432BRP product has been end-of-life for 15 years and no patches or fixes are available, immediate mitigation steps include:

  • Isolate the vulnerable device from untrusted networks to prevent remote exploitation.
  • Disable remote management or access to the device if possible.
  • Replace the device with a supported and updated router model to ensure security patches and vendor support.
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-10120. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart