Description
A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commit_vpncli_file_upload of the file /cgi/timepro.cgi of the component VPN Service. Such manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-02-02
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unrestricted File Upload
Action: Apply Patch
AI Analysis

Impact

The vulnerability resides in the commit_vpncli_file_upload function of the /cgi/timepro.cgi script used by the VPN Service on the EFM ipTIME A8004T router. The function accepts file uploads without performing type validation or requiring any form of authentication. Based on the description, it is inferred that an attacker can upload arbitrary files to the device over the network, which may later be served or processed in a way that could facilitate further compromise. The likely attack vector is a remote network connection to the router’s web interface, allowing interaction with the vulnerable endpoint without credentials.

Affected Systems

The flaw affects EFM ipTIME A8004T routers running firmware version 14.18.2. No other firmware releases are listed, so the issue appears limited to that single build unless newer firmware inherits the same logic.

Risk and Exploitability

With a CVSS score of 5.1, the vulnerability is considered moderate. The EPSS score of less than 1% indicates a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, yet publicly available exploit code exists. Therefore, an opportunistic remote attacker who can reach the router may deploy malicious files, and if those files are later processed or served, the risk of further compromise rises even though execution is not explicitly confirmed by the description.

Generated by OpenCVE AI on April 18, 2026 at 18:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router to the latest firmware from the vendor that removes the unrestricted upload capability from the VPN Service.
  • If an upgrade is not currently available, block access to the /cgi/timepro.cgi endpoint using the router’s firewall or access‑control lists to prevent incoming upload attempts.
  • Disable the VPN Service entirely if it is not required for your network, ensuring no exposed upload functionality remains.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 18:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Iptime a8004t Firmware |
| CPEs | | `cpe:2.3:h:iptime:a8004t:-:*:*:*:*:*:*:*`, `cpe:2.3:o:iptime:a8004t_firmware:14.18.2:*:*:*:*:*:*:*` |
| Vendors & Products | | Iptime a8004t Firmware |

Tue, 03 Feb 2026 15:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Iptime, Iptime a8004t |
| Vendors & Products | | Iptime, Iptime a8004t |

Mon, 02 Feb 2026 14:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}` |


Mon, 02 Feb 2026 04:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commit_vpncli_file_upload of the file /cgi/timepro.cgi of the component VPN Service. Such manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| Title | | EFM ipTIME A8004T VPN Service timepro.cgi commit_vpncli_file_upload unrestricted upload |
| Weaknesses | | CWE-284, CWE-434 |
| References | | |
| Metrics | | cvssV2_0: `{'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` |
| | | cvssV3_0: `{'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` |
| | | cvssV3_1: `{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` |
| | | cvssV4_0: `{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}` |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:13:33.607Z

Reserved: 2026-02-01T08:06:24.769Z

Link: CVE-2026-1742

Vulnrichment

Updated: 2026-02-02T14:10:02.974Z

NVD

Status: Analyzed

Published: 2026-02-02T04:15:55.357

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-1742

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T18:45:05Z

Weaknesses