← Back
2026-05-30 15:15CVE-2026-10122VulDB
PUBLISHED5.2ApplicationCWE-121CWE-119unsupported-when-assigned

TRENDnet TEW-432BRP formSetProtocolFilter stack-based overflow

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_name leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.

Problem type

Affected products

TRENDnet

TEW-432BRP

3.10B20 - AFFECTED

References

VDB-367299 | TRENDnet TEW-432BRP formSetProtocolFilter stack-based overflow

https://vuldb.com/vuln/367299

vdb-entrytechnical-description
VDB-367299 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/367299/cti

signaturepermissions-required
Submit #814766 | TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow

https://vuldb.com/submit/814766

third-party-advisory
github.com

https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_9/9.md

exploit

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-10122
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-10122",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2026-05-30T15:15:07.889Z",
    "dateReserved": "2026-05-29T17:19:26.741Z",
    "datePublished": "2026-05-30T15:15:07.889Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2026-05-30T15:15:07.889Z"
      },
      "title": "TRENDnet TEW-432BRP formSetProtocolFilter stack-based overflow",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_name leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: \"This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities.\" This vulnerability only affects products that are no longer supported by the maintainer."
        }
      ],
      "affected": [
        {
          "vendor": "TRENDnet",
          "product": "TEW-432BRP",
          "cpes": [
            "cpe:2.3:a:trendnet:tew-432brp:*:*:*:*:*:*:*:*"
          ],
          "versions": [
            {
              "version": "3.10B20",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Stack-based Buffer Overflow",
              "cweId": "CWE-121",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Memory Corruption",
              "cweId": "CWE-119",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/vuln/367299",
          "name": "VDB-367299 | TRENDnet TEW-432BRP formSetProtocolFilter stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/vuln/367299/cti",
          "name": "VDB-367299 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/submit/814766",
          "name": "Submit #814766 | TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_9/9.md",
          "tags": [
            "exploit"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
            "baseScore": 9
          }
        }
      ],
      "timeline": [
        {
          "time": "2026-05-29T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2026-05-29T02:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2026-05-29T19:24:41.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "pjqwudi_Buoy (VulDB User)",
          "type": "reporter"
        },
        {
          "lang": "en",
          "value": "VulDB CNA Team",
          "type": "coordinator"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ]
    }
  }
}