A flaw has been found in TRENDnet TEW-432BRP 3.10B20
The TRENDnet TEW-432BRP 3.10B20 router has a stack-based buffer overflow vulnerability in the formSetPassword function, which can be exploited remotely. This occurs when the webpage argument is manipulated, allowing an attacker to potentially execute arbitrary code. The vendor has stated that this product is no longer supported due to being end-of-life since 2009.
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.
Users of the TRENDnet TEW-432BRP 3.10B20 router are at high risk of remote code execution due to this vulnerability.
Remediation Recommended
This vulnerability carries significant risk. Schedule patching in your next cycle.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0
Affected Products
4
References
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact