CVE-2026-10183

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and mig...

CVE-2026-10182

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. The attack can be launched remotely. The exploit has been publicly...

CVE-2026-10183

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and mig...

CVE-2026-10183 TRENDnet TEW-432BRP formWlanSetup stack-based overflow

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and mig...

CVE-2026-10183

CVE-2026-10183 affects TRENDnet TEW-432BRP firmware 3.10B20. The vulnerability is in the function /goform/formWlanSetup, where manipulation of the enrollee argument causes a stack-based buffer overflow. It may be exploited remotely; a public exploit exists. The vendor notes the device has been En...

EUVD-2026-33505

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and mig...

CVE-2026-10182 TRENDnet TEW-432BRP formWlanSetup command injection

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. The attack can be launched remotely. The exploit has been publicly...

CVE-2026-10182

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. The attack can be launched remotely. The exploit has been publicly...

EUVD-2026-33504

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. The attack can be launched remotely. The exploit has been publicly...

CVE-2026-10182

CVE-2026-10182 affects TRENDnet TEW-432BRP firmware 3.10B20. The vulnerable element is the function /goform/formWlanSetup (formWlanSetup) where manipulating the argument enrollee can cause a command injection . The issue is exploitable remotely, and public disclosure of the exploit is indicated. ...

TRENDnet TEW-432BRP 命令注入漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter enrollee in the function formWlanSetup located in the file /goform/formWlanSetup. This...

PT-2026-45194

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. The attack can be launched remotely. The exploit has been publicly...

CVE-2026-25532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

CVE-2026-25532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

CVE-2026-25532

CVE-2026-25532 affects Espressif ESP-IDF WPS Enrollee in versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6. A malformed EAP-WSC packet with truncated payload can trigger an integer underflow during fragment length calculation, when processing EAP-Expanded (WSC) messages. The frag_len calculation sub...

EUVD-2026-5376

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

CVE-2026-25532 ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

PT-2026-6314

Name of the Vulnerable Software and Affected Versions Espressif Internet of Things IOT Development Framework versions 5.1.6 through 5.5.2 Description The Espressif Internet of Things IOT Development Framework contains a flaw in the WPS Wi-Fi Protected Setup Enrollee implementation. Malformed...

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter wpsenroleepin/webpage in the file /goform/formWlanSetupWPS, no details of the vulnerability are...

TRENDnet TEW-755AP Command Injection Vulnerability (CNVD-2023-18956)

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a command injection vulnerability that stems from the wpsstaenrolleepin parameter in the setstaenrolleepin5g function failing to correctly filter for constructed command special characters, commands, and so on. ...