CVE-2026-3697
Received Received - Intake
Remote Stack-Based Buffer Overflow in Planet ICG-2510 Language Handler

Publication date: 2026-03-08

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was determined in Planet ICG-2510 1.0_20250811. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-08
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-08
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3697
EUVD
EUVD-2026-10204
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
planet icg-2510 1.0_20250811
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-3697 is a stack-based buffer overflow vulnerability found in the Planet ICG-2510 device, version 1.0_20250811. It exists in the function sub_40C8E4 within the /usr/sbin/httpd binary, which handles language package configuration.

The vulnerability occurs because the function retrieves a language configuration string from NVRAM and uses sprintf to format it into a 60-byte buffer without validating the length of the input. If the language string exceeds about 48 characters, it overflows the allocated buffer, causing a classic buffer overflow.

An attacker can exploit this remotely by setting a maliciously long language value, either directly via nvram commands or indirectly through configuration files. This overflow triggers when the web management interface loads language resources.

Impact Analysis

Exploitation of this vulnerability can lead to several serious impacts:

  • Denial of Service (DoS) by crashing the web management interface, making the device management unavailable.
  • Potential Arbitrary Code Execution (Remote Code Execution) by corrupting memory or heap metadata, which could allow an attacker to take control of the device remotely.
  • Sensitive Information Leakage due to memory corruption caused by the buffer overflow.

Because the language configuration is processed during device startup or routine operations, the vulnerability can be persistent and easily triggered, posing a significant security risk.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking the length of the language configuration value stored in NVRAM on the Planet ICG-2510 device. Specifically, if the "language" value exceeds approximately 48 characters, it may trigger the buffer overflow.'}, {'type': 'paragraph', 'content': 'A practical detection method is to query the current language setting using the nvram command on the device and inspect its length.'}, {'type': 'list_item', 'content': 'Run the command: nvram get language'}, {'type': 'list_item', 'content': 'Check if the returned string length is greater than 48 characters.'}, {'type': 'paragraph', 'content': 'If the language string is unusually long or suspicious, it indicates potential exploitation or misconfiguration related to this vulnerability.'}] [1, 3]

Mitigation Strategies

Immediate mitigation steps include avoiding setting or accepting language configuration values longer than 48 characters to prevent triggering the buffer overflow.

Since no vendor patches or official mitigations are available, it is recommended to replace the affected Planet ICG-2510 device with an alternative product that is not vulnerable.

Additionally, restricting remote access to the web management interface can reduce the risk of remote exploitation.

Monitoring for crashes or denial of service symptoms on the web interface may help detect exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3697. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart