Description
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file /cgi/iux_set.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-05
Score: 8.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A code execution flaw exists in the sub_408F90 function of /cgi/iux_set.cgi on EFM ipTIME C200 devices running firmware up to version 1.092. An attacker can supply a crafted value to the RestoreFile argument, causing the device to execute arbitrary shell commands. The vulnerability is a classic command injection weakness (CWE-74) and may also allow path traversal (CWE-77). The exploit is disseminated publicly and an attacker can leverage it to gain remote control of the device, potentially compromising network integrity and confidentiality.

Affected Systems

The issue surfaces on all EFM ipTIME C200 routers with firmware 1.092 or earlier. No newer firmware versions are listed as vulnerable in the CVE record.

Risk and Exploitability

The CVSS score of 8.6 reflects a high severity vulnerability that allows remote code execution without authentication. EPSS data is not available, making it unclear how likely an attacker is to target this specific device, but the publicly shared exploit and the lack of vendor response suggest a real threat. The flaw is not listed in the CISA KEV catalog, indicating it has not yet been widely observed in the wild, but the presence of a ready‑to‑use exploit means it could be adopted quickly.

Generated by OpenCVE AI on May 5, 2026 at 13:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Deploy the latest firmware version of the ipTIME C200 that is NOT affected by this vulnerability.
  • If an update is not immediately possible, restrict external network access to the /cgi/iux_set.cgi endpoint using firewall or VLAN segmentation to reduce the attack surface.
  • Implement input validation on the RestoreFile parameter—reject or escape any non‑alphanumeric characters or paths—to prevent unintended command execution.

Generated by OpenCVE AI on May 5, 2026 at 13:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 05 May 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Iptime
Iptime c200
Vendors & Products Iptime
Iptime c200

Tue, 05 May 2026 12:45:00 +0000

Type Values Removed Values Added
Description A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file /cgi/iux_set.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection
Weaknesses CWE-74
CWE-77
References
Metrics cvssV2_0

{'score': 8.3, 'vector': 'AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.2, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Iptime C200
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-05T12:30:14.062Z

Reserved: 2026-05-05T06:33:49.481Z

Link: CVE-2026-7833

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-05-05T13:16:31.413

Modified: 2026-05-05T19:09:32.000

Link: CVE-2026-7833

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-05T21:30:05Z

Weaknesses