Vulnerabilities ›

CVE-2026-10123

High

CWE-119 — Weakness Type

                    Published: May 30, 2026                      ·  Modified: Jun 6, 2026                      ·  Source: NVD                

CVSS v3

8.8

🔗 NVD Official

📄 Description (English)

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/permitted_domain_list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.

🤖 AI Executive Summary

A stack-based buffer overflow vulnerability exists in TRENDnet TEW-432BRP router firmware version 3.10B20 in the domain filter function, allowing remote code execution. The affected product has been end-of-life since 2009 with no vendor support available.

📄 Description (Arabic)

تؤثر هذه الثغرة على جهاز التوجيه TRENDnet TEW-432BRP الإصدار 3.10B20 حيث يمكن للمهاجم استغلال دالة معالجة تصفية النطاق لتجاوز المخزن المؤقت للمكدس. يمكن تنفيذ الهجوم عن بعد دون الحاجة إلى بيانات اعتماد، مما يسمح بتنفيذ أوامر تعسفية على الجهاز.

🤖 ملخص تنفيذي (AI)

ثغرة تجاوز المخزن المؤقت في جهاز التوجيه TRENDnet TEW-432BRP تسمح بتنفيذ أوامر بعيدة عبر معالجة معاملات تصفية النطاق. المنتج لم يعد مدعوماً من قبل الشركة المصنعة منذ عام 2009.

🤖 AI Intelligence Analysis Analyzed: Jun 5, 2026 00:20

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

telecom government banking

🎯 MITRE ATT&CK Techniques

T1190 T1133 T1059

⚖️ Saudi Risk Score (AI)

8.0

/ 10.0

🔧 Remediation Steps (English)

Organizations should immediately discontinue use of TRENDnet TEW-432BRP routers and replace them with current, supported networking equipment. If replacement is not immediately possible, isolate affected devices from critical networks, disable remote management features, and implement strict network access controls and firewall rules to limit exposure.

🔧 خطوات المعالجة (العربية)

يجب على المنظمات التوقف الفوري عن استخدام أجهزة التوجيه TRENDnet TEW-432BRP واستبدالها بمعدات شبكية حديثة مدعومة. إذا لم يكن الاستبدال ممكناً فوراً، فعزل الأجهزة المتأثرة عن الشبكات الحرجة وتعطيل ميزات الإدارة البعيدة وتطبيق ضوابط وصول صارمة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

5.1 5.2 6.1

🔵 SAMA CSF

ID.AM-2 PR.DS-1 PR.IP-1

🟡 ISO 27001:2022

A.12.2.1 A.12.6.1 A.13.1.1

🔗 References & Sources 4

🔗

https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_10/10.md

cna@vuldb.com

🔗

https://vuldb.com/submit/814767

cna@vuldb.com

🔗

https://vuldb.com/vuln/367300

cna@vuldb.com

🔗

https://vuldb.com/vuln/367300/cti

cna@vuldb.com

📊 CVSS Score

8.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score8.8

CWECWE-119

EPSS0.04%

Exploit No

Patch ✗ No

Published 2026-05-30

Source Feed nvd

🇸🇦 Saudi Risk Score

8.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-119

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-10123

Introduce Yourself

Sign In Required