Vulnerabilities ›

CVE-2026-10179

High

CWE-119 — Weakness Type

                    Published: May 31, 2026                      ·  Modified: Jun 7, 2026                      ·  Source: CIRCL                

CVSS v3

8.8

🔗 NVD Official

📄 Description (English)

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer.

🤖 AI Executive Summary

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP router's WLAN encryption configuration function, allowing remote code execution. The affected device has been end-of-life since 2009 with no vendor support available.

📄 Description (Arabic)

تؤثر هذه الثغرة على وظيفة formSetWlanEncrypt في ملف /goform/formSetWlanEncrypt حيث يمكن للمهاجمين البعيدين استغلال معامل webpage لتجاوز المخزن المؤقت. تم نشر استغلال الثغرة علناً وقد لا يتوفر أي إصلاح من المورد نظراً لانتهاء دعم المنتج.

🤖 ملخص تنفيذي (AI)

تم اكتشاف ثغرة تجاوز المخزن المؤقت في جهاز التوجيه TRENDnet TEW-432BRP تسمح بتنفيذ أوامر بعيدة عبر دالة تشفير WLAN. الجهاز لم يعد مدعوماً من قبل المورد منذ عام 2009.

🤖 AI Intelligence Analysis Analyzed: Jun 5, 2026 00:18

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

telecom government banking

🎯 MITRE ATT&CK Techniques

T1190 T1068 T1543

⚖️ Saudi Risk Score (AI)

8.0

/ 10.0

🔧 Remediation Steps (English)

Organizations should immediately discontinue use of TRENDnet TEW-432BRP routers and replace them with current, vendor-supported networking equipment. If continued use is unavoidable, isolate affected devices on a separate network segment with strict access controls and monitor for suspicious activity.

🔧 خطوات المعالجة (العربية)

يجب على المنظمات التوقف الفوري عن استخدام أجهزة التوجيه TRENDnet TEW-432BRP واستبدالها بمعدات شبكية حديثة مدعومة من المورد. إذا كان الاستخدام المستمر ضرورياً، يجب عزل الأجهزة المتأثرة على قطاع شبكة منفصل مع تطبيق ضوابط وصول صارمة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

2.1 2.2

🔵 SAMA CSF

ID.RA-1 PR.IP-1

🟡 ISO 27001:2022

A.12.6.1 A.14.2.1

🔗 References & Sources 5

🔗

https://github.com/wudipjq/my_vuln/blob/main/TRENDnet/vuln_16/16.md

cna@vuldb.com

🔗

https://vuldb.com/cve/CVE-2026-10179

cna@vuldb.com

🔗

https://vuldb.com/submit/814773

cna@vuldb.com

🔗

https://vuldb.com/vuln/367460

cna@vuldb.com

🔗

https://vuldb.com/vuln/367460/cti

cna@vuldb.com

📊 CVSS Score

8.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score8.8

CWECWE-119

EPSS0.05%

Exploit No

Patch ✗ No

Published 2026-05-31

Source Feed circl

🇸🇦 Saudi Risk Score

8.0

/ 10.0 — Saudi Risk

Priority: HIGH

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-10179

Introduce Yourself

Sign In Required