CVE-2026-22316
Received Received - Intake

Stack-Based Buffer Overflow in WebUI TFTP Filename Causes DoS

Vulnerability report for CVE-2026-22316, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-18

Last updated on: 2026-03-18

Assigner: CERT VDE

Description

A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-18
Last Modified
2026-03-18
Generated
2026-07-06
AI Q&A
2026-03-18
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows a remote attacker who already has user privileges for the web user interface (webUI) to exploit a stack-based buffer overflow by setting the TFTP Filename via a POST request.

By sending a specially crafted POST request to set the TFTP Filename, the attacker can trigger this buffer overflow.

This results in a denial of service (DoS) attack, causing the affected system or service to crash or become unavailable.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) condition.

An attacker with user privileges on the webUI can cause the affected system or service to crash or become unavailable by exploiting the buffer overflow.

This can disrupt normal operations and potentially cause downtime until the system is restored.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22316. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart