CVE-2026-10180 | TRENDnet TEW-432BRP 3.10B20 /goform/formSysCmd sysCmd command injection

A vulnerability, which was classified as critical, was found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is referenced as CVE-2026-10180. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor explains: “This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities.”VulDB Recent EntriesRead More