CVE-2026-7675
Published: 03 May 2026
Summary
CVE-2026-7675 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 48.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-7675 is a buffer overflow vulnerability affecting Shenzhen Libituo Technology's LBT-T300-HW1 device firmware versions up to 1.2.8. The issue resides in the start_lan function within the /apply.cgi file, where manipulation of the Channel/ApCliSsid argument triggers the overflow. Classified under CWE-119 and CWE-120, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.
A remote attacker with low privileges, such as an authenticated user, can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows high levels of impact on confidentiality, integrity, and availability, likely enabling arbitrary code execution or system compromise through the buffer overflow.
No patches or official mitigations are available, as the vendor was contacted early regarding the disclosure but provided no response. An exploit has been publicly disclosed, including details on GitHub, increasing the risk of active exploitation. Security practitioners should isolate affected devices, restrict access to /apply.cgi, and monitor for anomalous activity, as referenced in VulDB entries.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-26809
Vulnerability details
A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out…
more
remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in network-accessible /apply.cgi web interface of device firmware enables remote authenticated attackers to achieve arbitrary code execution/system compromise, directly mapping to exploitation of a public-facing application.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly validates user-supplied inputs like the Channel/ApCliSsid argument in /apply.cgi to prevent buffer overflow exploitation.
Implements memory protections such as stack canaries, ASLR, and DEP to thwart buffer overflow attacks even if invalid inputs reach the start_lan function.
Enforces least privilege to restrict low-privilege authenticated users from accessing the vulnerable /apply.cgi endpoint and triggering the buffer overflow.