A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20
The TRENDnet TEW-432BRP 3.10B20 router has a stack-based buffer overflow vulnerability in the formSetEnableWizard function, which can be exploited remotely. This occurs when the start_wizard argument is manipulated, allowing an attacker to potentially execute arbitrary code. The vendor has stated that this product is no longer supported due to being end-of-life since 2009.
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument start_wizard leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Users of the TRENDnet TEW-432BRP 3.10B20 router are at high risk of remote code execution due to this vulnerability.
Remediation Recommended
This vulnerability carries significant risk. Schedule patching in your next cycle.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0
Affected Products
4
References
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact