Efm Iptime A8004T vulnerabilities
4 known vulnerabilities affecting efm/iptime_a8004t.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-8234P2HIGHCVSS 8.8v14.18.22026-05-10
CVE-2026-8234 [HIGH] CWE-119 CVE-2026-8234: A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects
A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security_5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was
nvd
CVE-2026-1740P2CRITICALCVSS 9.8v14.18.22026-02-02
CVE-2026-1740 [CRITICAL] CWE-287 CVE-2026-1740: A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_sess
A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_session_url of the file /cgi/timepro.cgi of the component Hidden Hiddenloginsetup Interface. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was c
nvd
CVE-2026-1742P3HIGHCVSS 7.2v14.18.22026-02-02
CVE-2026-1742 [HIGH] CWE-284 CVE-2026-1742: A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the f
A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commit_vpncli_file_upload of the file /cgi/timepro.cgi of the component VPN Service. Such manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was
nvd
CVE-2026-1741P3MEDIUMCVSS 6.6v14.18.22026-02-02
CVE-2026-1741 [MEDIUM] CWE-912 CVE-2026-1741: A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpcon_check_
A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpcon_check_session_url of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be
nvd