Description
Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate the KVM process.
Published: 2026-03-17
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized configuration changes and potential denial of service
Action: Patch Now
AI Analysis

Impact

Sipeed NanoKVM devices prior to firmware 2.3.1 expose a Wi‑Fi configuration endpoint that lacks authentication checks. An attacker with local network access can send HTTP requests that overwrite the stored Wi‑Fi credentials with attacker‑chosen values or trigger memory exhaustion, causing the KVM process to terminate. This flaw results in unauthorized configuration changes and potential denial of service, and is classified as CWE‑306, Access Control—Missing Authentication for Request.

Affected Systems

The vulnerability affects all Sipeed NanoKVM firmware versions earlier than 2.3.1. The affected vendor is Sipeed, product NanoKVM. Specific firmware versions are identified only as those preceding 2.3.1; no further sub‑versions are listed in the CVE data.

Risk and Exploitability

The CVSS base score of 8.8 indicates high severity. No EPSS score is available, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires only network connectivity to the device; no credentials or user interaction are needed. An attacker can exploit the flaw by sending crafted HTTP requests to the unauthenticated endpoint, resulting in configuration manipulation or a deliberate denial of service through memory exhaustion.

Generated by OpenCVE AI on March 17, 2026 at 18:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update NanoKVM firmware to version 2.3.1 or later, which removes the unauthenticated Wi‑Fi configuration endpoint.
  • If an update cannot be applied immediately, isolate the device from untrusted networks by placing it on a separate VLAN or subnet with restricted access.
  • Verify the stored Wi‑Fi credentials remain unchanged and that the device is not unexpectedly restarting or crashing.
  • Monitor for abnormal restarts or configuration changes as indicators of attempted exploitation.

Advisories

No advisories yet.

History

Wed, 18 Mar 2026 12:15:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Sipeed
                                       Sipeed nanokvm
Vendors & Products                     Sipeed
                                       Sipeed nanokvm

Tue, 17 Mar 2026 18:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc
                           {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 17 Mar 2026 17:45:00 +0000

Type          Values Removed   Values Added
Description                    Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate the KVM process.
Title                          Sipeed NanoKVM unauthenticated Wi-Fi configuration endpoint
Weaknesses                     CWE-306
References
Metrics                        cvssV3_1
                               {'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H'}
                               cvssV4_0
                               {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: cisa-cg

Published:

Updated: 2026-03-17T18:10:26.448Z

Reserved: 2026-03-11T18:26:54.750Z

Link: CVE-2026-32296

Vulnrichment

Updated: 2026-03-17T18:10:23.448Z

NVD

Status: Awaiting Analysis

Published: 2026-03-17T18:16:16.960

Modified: 2026-03-18T14:52:44.227

Link: CVE-2026-32296

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-24T10:49:02Z

Weaknesses