CVE-2026-8234

HIGH 8.8

EFM ipTIME A8004T WifiBasicSet formWifiBasicSet stack-based overflow

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

12th

A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security_5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-121 CWE-119
Vendor	efm
Product	iptime a8004t
Published	May 10, 2026
Last Updated	May 12, 2026

Stay Ahead of the Next One

Get instant alerts for efm iptime a8004t

Be the first to know when new high vulnerabilities affecting efm iptime a8004t are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

EFM / ipTIME A8004T

14.18.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/362454 vuldb.com: https://vuldb.com/vuln/362454/cti vuldb.com: https://vuldb.com/submit/808865 github.com: https://github.com/Kiciot/cve/issues/5

Credits

🔍 kiciot (VulDB User) VulDB CNA Team