CVE-2026-7273

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request.

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

CVE-2026-7273

Affected Products

Gs1900-10Hp Firmware

Gs1900-16 Firmware

Gs1900-24 Firmware

Gs1900-24E Firmware

Gs1900-24Ep Firmware

Gs1900-24Hpv2 Firmware

Gs1900-48 Firmware

Gs1900-48Hpv2 Firmware

Gs1900-8 Firmware

Gs1900-8Hp Firmware

CVE-2026-7273

Weakness Enumeration

Related Identifiers

Affected Products

References · 2