CVE-2026-15480 | Trendnet TEW-635BRM up to 1.00.03 Web Service /sbin/rc start_httpd device_name stack-based overflow
A vulnerability labeled as critical has been found in Trendnet TEW-635BRM up to 1.00.03. This affects the function start_httpd of the file /sbin/rc of the component Web Service. Such manipulation of the argument device_name leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is documented as CVE-2026-15480. The attack can be executed remotely. Additionally, an exploit exists.
The vendor explains: "We are unable to confirm if the vulnerability exists. This item has been EOL since 2011. We will make an official announcement of possible vulnerabilities, and recommend users to switch devices."