CVE-2026-10159

Vulnerability

A stack-based buffer overflow exists in the TRENDnet TEW-432BRP wireless router, firmware version 3.10B20, within the function formSysLog handling the /goform/formSysLog endpoint [1]. The vulnerability is triggered by a maliciously long value supplied to the current_page argument. The input is copied without bounds checking into a stack buffer, overwriting the return address [1]. No authentication is required to reach the vulnerable code path, and the attack can be initiated remotely [1].

Exploitation

An unauthenticated attacker on the network can send a specially crafted HTTP POST request to /goform/formSysLog with an overly long current_page parameter [1]. The publicly available proof-of-concept (PoC) provides a long string of 'a' characters that causes a stack overflow, resulting in a denial-of-service (device crash) [1]. More sophisticated exploitation may allow control of the program counter to achieve arbitrary code execution [1]. No user interaction is needed beyond the router being accessible [1].

Impact

Successful exploitation leads to a stack overflow that can crash the router (denial of service) or potentially allow remote code execution (RCE) with the privileges of the Boa web server process [1]. An attacker who achieves RCE could then fully compromise the router, alter configuration, intercept traffic, or use the device as a pivot point in further network attacks [1]. The impact is high due to the possibility of complete device compromise without authentication [1].

Mitigation

The vendor has declared the TEW-432BRP product end-of-life (EOL) since 2009 and states that they cannot replicate or fix any vulnerabilities [1]. No patch is available. Users are strongly advised to retire and replace this device with a supported model that receives security updates. As of publication, there is no indication this vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog [1].