These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formSetFirewallRule` function within the `/goform/formSetFirewallRule` endpoint, where the `firewall_name` parameter is not properly validated before being copied to a fixed-size stack buffer. Successful exploitation allows remote attackers to execute ar [truncated]
A stack-based buffer overflow in the TRENDnet TEW-432BRP 3.10B20 router's formSetMACFilter function allows remote attackers to execute arbitrary code via a crafted filter_name parameter. The vendor has explicitly declined to provide a fix, noting the product reached end-of-life in 2009 (15 years ago) and cannot be patched. Public exploit disclosure increases immediate risk for any remaining deployed units.
A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formWPS` function within the `/goform/formWPS` endpoint, where improper handling of the `peerPin` parameter allows remote attackers to trigger memory corruption. The CVSS 4.0 vector indicates network attack vector with low attack complexity, no user inte [truncated]
A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the `formSetRoute` function within the `/goform/formSetRoute` endpoint, where improper handling of the `ip`, `mask`, and `gateway` parameters allows remote attackers to trigger memory corruption. The CVSS 4.0 vector indicates network attack vector with low at [truncated]
A command injection vulnerability exists in the TRENDnet TEW-432BRP wireless router firmware version 3.10B20. The vulnerability resides in the formWPS function within the /goform/formWPS endpoint, where the peerPin parameter is improperly sanitized, allowing remote attackers to inject and execute arbitrary commands. The vendor has explicitly stated this product reached end-of-life in 2009 and will not rec [truncated]
A command injection vulnerability exists in the TRENDnet TEW-432BRP router firmware version 3.10B20. The vulnerability resides in the `formSetRoute` function within the `/goform/formSetRoute` endpoint, where improper sanitization of the `ip`, `mask`, and `gateway` parameters allows remote attackers to inject and execute arbitrary system commands. The vendor has explicitly stated that this product reached [truncated]