CVE-2026-10060 | TRENDnet TEW-432BRP 3.10B20 /goform/formSetRoute ip/mask/gateway command injection

A vulnerability identified as critical has been detected in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is referenced as CVE-2026-10060. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor explains: “This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities.”

CVE-2026-10060 | TRENDnet TEW-432BRP 3.10B20 /goform/formSetRoute ip/mask/gateway command injection

Post correlati

CVE-2024-6619 | Ocean Data Systems AVEVA Reports for Operations 2023 permission assignment (icsa-24-226-08)

CVE-2023-47063 | Adobe Illustrator 2023/Illustrator 2024 up to 27.9.0/28.0 out-of-bounds write (apsb23-68)

CVE-2023-51415 | GiveWP Donation Plugin and Fundraising Platform Plugin up to 3.2.2 on WordPress cross site scripting

CVE-2024-43653 | Iocharger prior 24120701 HTTP os command injection (DIVD-2024-00035)