← Back
2026-05-30 15:30CVE-2026-10123VulDB
PUBLISHED5.2ApplicationCWE-121CWE-119unsupported-when-assigned

TRENDnet TEW-432BRP formSetDomainFilter stack-based overflow

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/permitted_domain_list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.

Problem type

Affected products

TRENDnet

TEW-432BRP

3.10B20 - AFFECTED

References

VDB-367300 | TRENDnet TEW-432BRP formSetDomainFilter stack-based overflow

https://vuldb.com/vuln/367300

vdb-entrytechnical-description
VDB-367300 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/367300/cti

signaturepermissions-required
Submit #814767 | TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow

https://vuldb.com/submit/814767

third-party-advisory
github.com

https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_10/10.md

exploit

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-10123
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-10123",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2026-05-30T15:30:09.461Z",
    "dateReserved": "2026-05-29T17:19:29.210Z",
    "datePublished": "2026-05-30T15:30:09.461Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2026-05-30T15:30:09.461Z"
      },
      "title": "TRENDnet TEW-432BRP formSetDomainFilter stack-based overflow",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/permitted_domain_list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor explains: \"This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities.\" This vulnerability only affects products that are no longer supported by the maintainer."
        }
      ],
      "affected": [
        {
          "vendor": "TRENDnet",
          "product": "TEW-432BRP",
          "cpes": [
            "cpe:2.3:a:trendnet:tew-432brp:*:*:*:*:*:*:*:*"
          ],
          "versions": [
            {
              "version": "3.10B20",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Stack-based Buffer Overflow",
              "cweId": "CWE-121",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Memory Corruption",
              "cweId": "CWE-119",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/vuln/367300",
          "name": "VDB-367300 | TRENDnet TEW-432BRP formSetDomainFilter stack-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/vuln/367300/cti",
          "name": "VDB-367300 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/submit/814767",
          "name": "Submit #814767 | TRENDnet TEW-432BRP 3.10B20 Stack-based Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_10/10.md",
          "tags": [
            "exploit"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
            "baseScore": 9
          }
        }
      ],
      "timeline": [
        {
          "time": "2026-05-29T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2026-05-29T02:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2026-05-29T19:24:44.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "pjqwudi_Buoy (VulDB User)",
          "type": "reporter"
        },
        {
          "lang": "en",
          "value": "VulDB CNA Team",
          "type": "coordinator"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ]
    }
  }
}