Skip to main content

ipTIME NAS1dual EUVDEUVD-2026-27333

| CVE-2026-7834 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-05-05 VulDB GHSA-c384-mhv7-jvfr
8.9
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.9 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
May 05, 2026 - 14:30 vuln.today
Severity Changed
May 05, 2026 - 14:22 NVD
CRITICAL HIGH
CVSS changed
May 05, 2026 - 14:22 NVD
9.8 (CRITICAL) 8.9 (HIGH)

DescriptionCVE.org

A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Stack-based buffer overflow in EFM ipTIME NAS1dual 1.5.24 allows remote unauthenticated attackers to achieve complete system compromise via the get_csrf_whites function in /cgi/advanced/misc_main.cgi. Public exploit code exists on GitHub, demonstrating practical exploitability despite lack of vendor response to responsible disclosure. CVSS 8.9 (Critical) with EPSS data unavailable; attack requires no authentication, low complexity, and no user interaction (AV:N/AC:L/PR:N/UI:N), making this a high-priority remote attack surface.

Technical ContextAI

This vulnerability exploits a classic stack-based buffer overflow (CWE-121) in the get_csrf_whites function within the CGI interface of ipTIME NAS1dual network-attached storage devices. Stack-based overflows occur when data exceeding allocated buffer size overwrites adjacent memory on the stack, potentially corrupting return addresses and enabling arbitrary code execution. The vulnerable endpoint (/cgi/advanced/misc_main.cgi) appears to be part of the device's web management interface, which is commonly exposed to network access. The CVSS vector indicates complete confidentiality, integrity, and availability impact to the vulnerable component (VC:H/VI:H/VA:H) with no cross-scope effects (SC:N/SI:N/SA:N), suggesting exploitation achieves full control of the NAS device itself. The CVE identifier appears to be from 2026, which may indicate a reporting/publication timing issue or test data.

RemediationAI

No vendor-released patch identified at time of analysis; EFM did not respond to vulnerability disclosure per the CVE description. Without official firmware updates, organizations must implement compensating controls immediately. Primary mitigation: Isolate ipTIME NAS1dual devices from Internet-facing networks by placing them behind firewall rules that restrict /cgi/advanced/ endpoints to trusted internal management networks only - this eliminates remote attack vector (AV:N) but reduces device accessibility for remote management. Secondary mitigation: If web interface access is required, implement reverse proxy authentication (such as nginx with HTTP basic auth) in front of the device to add the missing PR:N→PR:L authentication barrier, though this adds operational complexity and single point of failure. Tertiary option: Disable the web management interface entirely if device can be administered through alternative methods (SSH, serial console), though this may not be supported on consumer NAS models. Organizations should consider replacing affected devices with actively-supported alternatives given vendor non-responsiveness. Monitor network logs for HTTP requests to /cgi/advanced/misc_main.cgi with unusual Content-Length or payload characteristics. All mitigations trade functionality for security; network isolation is the most reliable control with least operational risk. Consult https://vuldb.com/vuln/361113/cti for additional vendor contact attempts and community-developed workarounds.

Share

EUVD-2026-27333 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy