CVE-2026-2017

CRITICAL

IP-COM W30AP <1.0.0.11 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-2017. PoCs published by GXB0_0.

AI-analyzed exploit summary The exploit demonstrates a stack-based buffer overflow in IP-COM W30AP firmware via the `/goform/wx3auth` endpoint, where unsanitized user input is passed to `sprintf` without length checks. The PoC sends a crafted POST request with an oversized `data` parameter to trigger the vulnerability.

Description

A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

gitee WORKING POC

by GXB0_0 · poc

https://gitee.com/GXB0_0/iot-vul/blob/master/IP-COM/W30AP/wx3auth-sprintf.md#poc

View Code ZIP pw:eip

The exploit demonstrates a stack-based buffer overflow in IP-COM W30AP firmware via the `/goform/wx3auth` endpoint, where unsanitized user input is passed to `sprintf` without length checks. The PoC sends a crafted POST request with an oversized `data` parameter to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: IP-COM W30AP firmware <= v1.0.0.11(1340)

No auth needed

Prerequisites: Network access to the target device · HTTP POST request capability

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Mar 04, 2026 Full analysis →

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.344599

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.344599

Third Party Advisory, VDB Entry third-party-advisory

https://vuldb.com/?submit.744062

Third Party Advisory, VDB Entry third-party-advisory

https://vuldb.com/?submit.744063

Exploit, Third Party Advisory related

https://gitee.com/GXB0_0/iot-vul/blob/master/IP-COM/W30AP/wx3auth-sprintf.md

Exploit, Third Party Advisory exploit

https://gitee.com/GXB0_0/iot-vul/blob/master/IP-COM/W30AP/wx3auth-sprintf.md#poc

Scores

CVSS v3 9.8

EPSS 0.0008

EPSS Percentile 23.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-121 CWE-119 CWE-787

Status published

Products (1)

ip-com/w30ap_firmware < 1.0.0.11\(1340\)

Published Feb 06, 2026

Tracked Since Feb 18, 2026