Vendor

EFM

3 briefs RSS

EFM ipTIME A8004T Stack-Based Buffer Overflow (CVE-2026-8234)

A stack-based buffer overflow vulnerability (CVE-2026-8234) exists in EFM ipTIME A8004T version 14.18.2, allowing remote attackers to execute arbitrary code by manipulating the security_5g argument in the formWifiBasicSet function.

ipTIME A8004T 14.18.2 cve buffer overflow router rce

1r 1t 1c May 10, 2026

critical advisory

EFM ipTIME NAS1dual Stack-Based Buffer Overflow Vulnerability

2 rules 1 TTP 1 CVE

A stack-based buffer overflow vulnerability exists in EFM ipTIME NAS1dual 1.5.24, affecting the get_csrf_whites function in /cgi/advanced/misc_main.cgi, exploitable remotely, and leading to potential arbitrary code execution.

ipTIME NAS1dual 1.5.24 stack-based-buffer-overflow cve-2026-7834 iptime nas webserver

2r 1t 1c May 5, 2026

critical threat

EFM ipTIME C200 Command Injection Vulnerability

2 rules 1 TTP 1 CVE

EFM ipTIME C200 devices are vulnerable to remote command injection due to insufficient validation of the RestoreFile argument in the /cgi/iux_set.cgi endpoint, allowing attackers to execute arbitrary commands with elevated privileges.

ipTIME C200 command injection iot cve-2026-7833

2r 1t 1c May 5, 2026