HighPublic exploit

Stack-based Buffer Overflow in TRENDnet TEW-432BRP formSetPassword

IdentifiersCVE-2026-10162CWE-121· Stack-based Buffer Overflow

CVE-2026-10162 is a remotely exploitable stack-based buffer overflow in TRENDnet TEW-432BRP firmware 3.10B20. The flaw is in the formSetPassword function exposed through the /goform/formSetPassword endpoint. According to the provided record, manipulation of the webpage argument can trigger the overflow. Because the vulnerable condition is stack-based and reachable over the network, a crafted request to the password-setting handler can corrupt stack memory and destabilize the process, with possible code-execution implications depending on exploitability in the target environment. The issue affects an end-of-life product that TRENDnet states has been unsupported since 2009 and cannot be replicated or fixed by the vendor.

For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can cause memory corruption in the affected management endpoint, leading to denial of service and potentially arbitrary code execution on the device. The supplied scoring and advisory context indicate high impact to confidentiality, integrity, and availability. Because the flaw is reachable remotely, compromise of the device could enable full control of the affected router, including unauthorized configuration changes, interception or exposure of sensitive data handled by the device, and disruption of network services.

Mitigation

If you can’t patch tonight, do this now.

Where immediate replacement is not possible, minimize exposure by restricting access to the device management interface, especially the /goform/formSetPassword endpoint, to trusted administrative hosts only; place the device behind network segmentation and ACLs; disable remote administration if supported; prevent Internet exposure; and monitor for suspicious requests targeting password-management functionality. Because the product is unsupported, these are only risk-reduction measures and not a complete fix.

Remediation

Patch, then assume compromise.

No vendor patch is available. TRENDnet stated the affected TEW-432BRP product has been end-of-life for many years and cannot be fixed. The appropriate remediation is to decommission and replace affected TEW-432BRP devices running firmware 3.10B20 with supported hardware. If asset replacement is required, remove the vulnerable device from production use as soon as possible.

PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType

TrendnetTew-432brpapplication

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

8 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

8 SOURCESView more in app

cvefeed high severityNews

May 31, 2026

CVE-2026-10162 - TRENDnet TEW-432BRP formSetPassword stack-based overflow

A remotely exploitable stack-based buffer overflow in the formSetPassword function of /goform/formSetPassword on TRENDnet TEW-432BRP 3.10B20. The affected product is end-of-life and unsupported, and the vendor states it cannot replicate or fix the issue.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.

Start free trial

Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity7

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES

MITRE CVE

cve.org · CVE-2026-10162

NVD

nvd.nist.gov/vuln/detail/CVE-2026-10162

MITRE CWE · CWE-121

Stack-based Buffer Overflow

github.com

github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_15/15.md

vuldb.com

vuldb.com/submit/814772

vuldb.com

vuldb.com/vuln/367415

vuldb.com

vuldb.com/vuln/367415/cti