PT-2026-33693 · Unknown+1 · Amc Manager+1

Published

2026-04-20

Updated

2026-05-02

CVE-2026-32955

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SD-330AC (affected versions not specified) AMC Manager (affected versions not specified)

Description SD-330AC and AMC Manager contain a stack-based buffer overflow in the redirect handler. This issue occurs during the processing of redirect URLs, specifically via the '/redirect' endpoint using the url parameter. An unauthenticated attacker can exploit this to execute arbitrary code on the device.

Recommendations Replace the use of the strcpy() function with strncpy() in the redirect handler to prevent buffer overflows.

Fix

RCE

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

CVE-2026-32955

Affected Products

Amc Manager

Sd-330Ac

PT-2026-33693 · Unknown+1 · Amc Manager+1

CVE-2026-32955

Weakness Enumeration

Related Identifiers

Affected Products

References · 8