CVE-2026-22320

Name of the Vulnerable Software and Affected Versions Versions prior to 2026-22320

Description A stack-based buffer overflow exists in the CLI's TFTP file-transfer command handling. A low-privileged attacker with Telnet/SSH access can trigger memory corruption by providing unexpected or oversized filename input. This exploitation corrupts the internal buffer, causing the CLI and web dashboard to become unavailable, resulting in a denial of service. The vulnerable component is the TFTP file-transfer command. The input filename is the source of the overflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.