{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-7674/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-7674"}],"_cs_exploited":false,"_cs_products":["LBT-T300-HW1 (\u003c= 1.2.8)"],"_cs_severities":["critical"],"_cs_tags":["buffer-overflow","web-management-interface","cve-2026-7674"],"_cs_type":"threat","_cs_vendors":["Shenzhen Libituo Technology"],"content_html":"\u003cp\u003eA buffer overflow vulnerability, identified as CVE-2026-7674, affects Shenzhen Libituo Technology LBT-T300-HW1 devices up to version 1.2.8. The vulnerability resides within the Web Management Interface, specifically in the \u003ccode\u003estart_single_service\u003c/code\u003e function. By sending a crafted request to the device and manipulating the \u003ccode\u003evpn_pptp_server\u003c/code\u003e or \u003ccode\u003evpn_l2tp_server\u003c/code\u003e arguments, an attacker can trigger a buffer overflow, potentially leading to arbitrary code execution. This vulnerability can be exploited remotely, making it a significant threat to affected devices. The vendor was notified but did not respond, increasing the risk of exploitation.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable LBT-T300-HW1 device with version 1.2.8 or earlier.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the Web Management Interface.\u003c/li\u003e\n\u003cli\u003eThe malicious request includes a payload designed to overflow the buffer when processing the \u003ccode\u003evpn_pptp_server\u003c/code\u003e or \u003ccode\u003evpn_l2tp_server\u003c/code\u003e arguments.\u003c/li\u003e\n\u003cli\u003eThe crafted request is sent to the \u003ccode\u003estart_single_service\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003estart_single_service\u003c/code\u003e function attempts to process the overly long input without proper bounds checking.\u003c/li\u003e\n\u003cli\u003eThe buffer overflow overwrites adjacent memory regions, including potentially executable code or critical data structures.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control of the device by redirecting execution flow to attacker-controlled code injected into the buffer.\u003c/li\u003e\n\u003cli\u003eThe attacker executes arbitrary code on the device, potentially gaining persistent access or causing denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows a remote attacker to execute arbitrary code on the affected LBT-T300-HW1 device. This could lead to complete system compromise, including data theft, modification of device settings, or use of the device as a bot in a larger attack. Given the lack of vendor response, many devices could be vulnerable if exposed to the internet.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Suspicious VPN Server Configuration via Web Interface\u003c/code\u003e to detect potential exploitation attempts targeting the vulnerable \u003ccode\u003estart_single_service\u003c/code\u003e function in web server logs.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unusually long strings passed as values for \u003ccode\u003evpn_pptp_server\u003c/code\u003e and \u003ccode\u003evpn_l2tp_server\u003c/code\u003e parameters in HTTP requests to the device\u0026rsquo;s web interface.\u003c/li\u003e\n\u003cli\u003eApply any available patches or firmware updates released by Shenzhen Libituo Technology to address CVE-2026-7674.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-03T02:17:12Z","date_published":"2026-05-03T02:17:12Z","id":"/briefs/2026-05-lbt-t300-hw1-bo/","summary":"A buffer overflow vulnerability (CVE-2026-7674) exists in the Web Management Interface of Shenzhen Libituo Technology LBT-T300-HW1 devices, allowing remote attackers to execute arbitrary code by manipulating the vpn_pptp_server or vpn_l2tp_server arguments in the start_single_service function.","title":"Shenzhen Libituo Technology LBT-T300-HW1 Buffer Overflow Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-lbt-t300-hw1-bo/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-7674","version":"https://jsonfeed.org/version/1.1"}