A critical stack-based buffer overflow in the legacy TRENDnet TEW-432BRP router presents a high risk of unauthorized system control.

The vulnerability is a stack-based buffer overflow in the formResetStatistic function of the /goform/formResetStatistic file, which is exploitable via the status_statistic argument.

A CVSS score of 8.8 highlights the severity of this vulnerability, which allows remote code execution. The EOL status of this hardware means that there is no path to remediation, and the device remains vulnerable to exploitation, potentially compromising the integrity and security of the entire network segment.

Immediate Action: Cease use of the TRENDnet TEW-432BRP and replace it with a currently supported, secure product, as the vendor will not provide patches for this EOL device.

Proactive Monitoring: If immediate replacement is not feasible, implement strict access controls and monitor all traffic for exploitation patterns targeting the statistics reset function.

Compensating Controls: Deploy network-level protections, such as an IPS, to block requests to the vulnerable /goform/formResetStatistic endpoint.

Public Exploit Available: True

Given the high severity and the lack of vendor support, the risk associated with this vulnerability is unacceptable for production environments. Immediate replacement of the affected hardware is the only effective strategy to mitigate this risk.