Description
A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-05
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw resides in the get_csrf_whites function of /cgi/advanced/misc_main.cgi in the EFM ipTIME NAS1dual firmware version 1.5.24. Manipulating the request to this function causes a stack‑based buffer overflow. Such an overflow could enable an attacker to overwrite return addresses and execute arbitrary code, or to trigger a crash that disrupts service. The vulnerability is triggered remotely, so any host with network reachability to the NAS is a potential target.

Affected Systems

The affected device is the EFM ipTIME NAS1dual running firmware 1.5.24. No other versions or products are listed as affected in the current CNA data.

Risk and Exploitability

The CVSS score of 9.3 signals a critical severity. EPSS data is not available, but the vulnerability has been publicly disclosed and can be exploited remotely. The defect is not included in the CISA KEV catalog yet, but the existence of a public exploit indicates a realistic risk. Attackers can target the NAS through the exposed /cgi/advanced/misc_main.cgi endpoint, and without an official fix the exposure remains high.

Generated by OpenCVE AI on May 5, 2026 at 16:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Limit or block external access to the NAS, allowing only trusted networks or IP addresses to reach the /cgi/advanced/misc_main.cgi endpoint.
  • Enable comprehensive logging on the NAS and monitor for anomalous CGI requests, repeated failures, or patterns that suggest an attempted buffer‑overflow attack.
  • Check the vendor’s website or support channels for firmware updates that address this issue; if a patch is released, apply it promptly.

Generated by OpenCVE AI on May 5, 2026 at 16:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 05 May 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 05 May 2026 14:00:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title EFM ipTIME NAS1dual misc_main.cgi get_csrf_whites stack-based overflow
Weaknesses CWE-119
CWE-121
References
Metrics cvssV2_0

{'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-05T15:02:42.186Z

Reserved: 2026-05-05T06:33:53.251Z

Link: CVE-2026-7834

cve-icon Vulnrichment

Updated: 2026-05-05T15:02:38.362Z

cve-icon NVD

Status : Received

Published: 2026-05-05T14:16:09.687

Modified: 2026-05-05T14:16:09.687

Link: CVE-2026-7834

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-05T16:30:27Z

Weaknesses