CVE-2026-41927
Deferred Deferred - Pending Action
Stack-Based Buffer Overflow in WDR201A WiFi Extender

Publication date: 2026-05-04

Last updated on: 2026-05-04

Assigner: VulnCheck

Description
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains a stack-based buffer overflow vulnerability in the firewall.cgi and makeRequest.cgi binaries that allows unauthenticated attackers to overwrite the saved return address by sending a POST request with a Content-Length header exceeding 512 bytes. Attackers can exploit insufficient length validation in the fgets() call to achieve arbitrary code execution through return-oriented programming or return-to-libc techniques.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-05-04
Generated
2026-06-16
AI Q&A
2026-05-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-41927
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in the WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) within the firewall.cgi and makeRequest.cgi binaries. It is a stack-based buffer overflow caused by insufficient length validation in the fgets() function when processing a POST request with a Content-Length header exceeding 512 bytes.

This flaw allows unauthenticated attackers to overwrite the saved return address on the stack, enabling them to execute arbitrary code by using techniques such as return-oriented programming or return-to-libc.

Impact Analysis

Exploitation of this vulnerability can lead to arbitrary code execution on the affected device without requiring authentication.

An attacker could potentially take full control of the WiFi extender, manipulate its behavior, intercept or alter network traffic, or use the device as a foothold to attack other devices on the network.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41927. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart