CVE-2026-8234
HIGHEFM ipTIME A8004T WifiBasicSet formWifiBasicSet stack-based overflow
Title source: cnaDescription
A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security_5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References (4)
Core 4
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-362454 | EFM ipTIME A8004T WifiBasicSet formWifiBasicSet stack-based overflow
https://vuldb.com/vuln/362454
Signature, Permissions Required signature
permissions-required
VDB-362454 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/362454/cti
Third Party Advisory third-party-advisory
Submit #808865 | IPTIME A8004T 14.18.2 Stack-based Buffer Overflow
https://vuldb.com/submit/808865
Exploit exploit
issue-tracking
https://github.com/Kiciot/cve/issues/5
Scores
CVSS v3
8.8
EPSS
0.0004
EPSS Percentile
12.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
CWE-121
Status
published
Products (1)
EFM/ipTIME A8004T
14.18.2
Published
May 10, 2026
Tracked Since
May 10, 2026