PatchSiren

TRENDnet CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM TRENDnet CVE published 2026-07-12

CVE-2026-15487

CVE-2026-15487 is an os command injection vulnerability in TRENDnet TEW-821DAP 1.11B03, impacting the function sub_41FBD0 of the file /goform/system_ntp of the component Firmware Update Handler. The vulnerability allows for os command injection through manipulation of the Hostname argument, and the attack may be initiated remotely. Users of TRENDnet TEW-821DAP 1.11B03 should verify if their product is aff [truncated]

MEDIUM TRENDnet CVE published 2026-07-12

CVE-2026-15486

CVE-2026-15486 is an os command injection vulnerability in TRENDnet TEW-821DAP 1.11B03. The vulnerability affects the function sub_42026C of the file /goform/tools_ddns of the component Firmware Update Handler. The attack can be launched remotely. The vendor explains that they are unable to confirm the existence of the vulnerabilities for TEW-821DAP (v1.0R) as these items have been EOL. This vulnerability [truncated]

MEDIUM TRENDnet CVE published 2026-07-12

CVE-2026-15485

A MEDIUM severity vulnerability was found in TRENDnet TEW-821DAP 1.11B03. The DNS Lookup Handler is impacted by an os command injection vulnerability due to improper handling of the nslookup_target/dns_server argument in the sub_43F2C4 function of the /goform/tools_nslookup file. The vulnerability can be exploited remotely, potentially allowing attackers to execute arbitrary commands. The vendor has state [truncated]

HIGH TRENDnet CVE published 2026-07-12

CVE-2026-15484

CVE-2026-15484 is a HIGH severity vulnerability detected in TRENDnet TEW-821DAP 1.12B01. The affected element is the function sub_41EC14 of the file /goform/tools_nslookup in the ssi component. The manipulation leads to a buffer overflow vulnerability that can be exploited remotely. The vendor has stated that they are unable to confirm the existence of vulnerabilities for TEW-821DAP (v1.0R) as these items [truncated]

HIGH TRENDnet CVE published 2026-07-12

CVE-2026-15483

CVE-2026-15483 is a HIGH severity vulnerability in TRENDnet TEW-821DAP 1.12B01 ssi, caused by a buffer overflow in the sub_41EC14 function of the /goform/tools_nslookup file. The manipulation of the nslookup_target argument leads to the buffer overflow, allowing remote attacks. This vulnerability affects TRENDnet TEW-821DAP 1.12B01 ssi and has a CVSS score of 8.7, indicating high severity. Users of affect [truncated]

HIGH Trendnet CVE published 2026-07-12

CVE-2026-15481

A command injection vulnerability has been discovered in Trendnet TEW-635BRM up to 1.00.03. The vulnerability affects the function ipoa_test of the file /sbin/rc of the component IPoA WAN Connection Setup. Performing a manipulation of the argument ipoa_ipaddr results in command injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for att [truncated]

HIGH Trendnet CVE published 2026-07-12

CVE-2026-15480

CVE-2026-15480 is a stack-based buffer overflow vulnerability in Trendnet TEW-635BRM up to 1.00.03. The vulnerability affects the start_httpd function in /sbin/rc of the Web Service, caused by manipulation of the device_name argument. The attack can be executed remotely. The vendor states that the product has been End-of-Life (EOL) since 2011 and they are unable to confirm if the vulnerability exists.

HIGH TRENDnet CVE published 2026-05-31

CVE-2026-10183

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the formWlanSetup function within the /goform/formWlanSetup endpoint, where the enrollee parameter can be manipulated to trigger memory corruption. The attack vector is network-based and requires authentication (low privileges), with no user interaction neede [truncated]

HIGH TRENDnet CVE published 2026-05-31

CVE-2026-10181

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability is located in the `formSysCmd` function within the `/goform/formSysCmd` endpoint, where improper handling of the `submit-url` argument allows remote attackers to overflow a stack buffer. The vendor has explicitly stated this product reached end-of-life in 2009 and will [truncated]

LOW TRENDnet CVE published 2026-05-31

CVE-2026-10180

A remote command injection vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formSysCmd` function within the `/goform/formSysCmd` endpoint, where unsanitized input passed to the `sysCmd` parameter permits arbitrary OS command execution. The affected product reached end-of-life (EOL) in 2009—approximately 15 years prior to disclosure [truncated]

HIGH TRENDnet CVE published 2026-05-31

CVE-2026-10161

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability is located in the `formResetStatistic` function within the `/goform/formResetStatistic` endpoint. An attacker can trigger the overflow by manipulating the `status_statistic` argument, leading to potential remote code execution. The vendor has explicitly stated this prod [truncated]

HIGH TRENDnet CVE published 2026-05-31

CVE-2026-10158

A stack-based buffer overflow in the TRENDnet TEW-432BRP wireless router permits remote, unauthenticated attackers to execute arbitrary code via a crafted `server_name` parameter in the `/goform/formPortFw` endpoint. The vendor has explicitly declined to issue a fix, noting the product reached end-of-life in 2009 (15 years prior to disclosure) and that it cannot replicate or remediate vulnerabilities for [truncated]

HIGH TRENDnet CVE published 2026-05-30

CVE-2026-10121

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formSetUrlFilter` function within the `/goform/formSetUrlFilter` endpoint, where the `keyword_list`/`keyword` parameter is not properly validated before being copied to a fixed-size stack buffer. This allows remote attackers to execute arbitrary code or [truncated]

HIGH TRENDnet CVE published 2026-05-30

CVE-2026-10120

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formSetFirewallRule` function within the `/goform/formSetFirewallRule` endpoint, where the `firewall_name` parameter is not properly validated before being copied to a fixed-size stack buffer. Successful exploitation allows remote attackers to execute ar [truncated]

HIGH TRENDnet CVE published 2026-05-30

CVE-2026-10119

A stack-based buffer overflow in the TRENDnet TEW-432BRP 3.10B20 router's formSetMACFilter function allows remote attackers to execute arbitrary code via a crafted filter_name parameter. The vendor has explicitly declined to provide a fix, noting the product reached end-of-life in 2009 (15 years ago) and cannot be patched. Public exploit disclosure increases immediate risk for any remaining deployed units.

HIGH TRENDnet CVE published 2026-05-29

CVE-2026-10063

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formWPS` function within the `/goform/formWPS` endpoint, where improper handling of the `peerPin` parameter allows remote attackers to trigger memory corruption. The CVSS 4.0 vector indicates network attack vector with low attack complexity, no user inte [truncated]

HIGH TRENDnet CVE published 2026-05-29

CVE-2026-10062

A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formSetRoute` function within the `/goform/formSetRoute` endpoint, where improper handling of the `ip`, `mask`, and `gateway` parameters allows remote attackers to trigger memory corruption. The CVSS 4.0 vector indicates network attack vector with low at [truncated]

LOW TRENDnet CVE published 2026-05-29

CVE-2026-10061

A command injection vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the formWPS function within the /goform/formWPS endpoint, where the peerPin parameter is improperly sanitized, allowing remote attackers to inject and execute arbitrary commands. The vendor has explicitly stated this product reached end-of-life in 2009 and will not rec [truncated]

LOW TRENDnet CVE published 2026-05-29

CVE-2026-10060

A command injection vulnerability exists in the TRENDnet TEW-432BRP router firmware version 3.10B20. The vulnerability resides in the `formSetRoute` function within the `/goform/formSetRoute` endpoint, where improper sanitization of the `ip`, `mask`, and `gateway` parameters allows remote attackers to inject and execute arbitrary system commands. The vendor has explicitly stated that this product reached [truncated]