CVE 8.7 HIGH

Shenzhen Libituo Technology LBT-T300-HW1 apply.cgi start_lan buffer overflow_CVE-2026-7675

May 2, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in the start_lan function of the apply.cgi file, allowing remote attacks

Basic Information

ID CVE-2026-7675
Source VulDB
Published May 3, 2026 at 02:30

Affected Product

Vendor Shenzhen Libituo Technology
Product LBT-T300-HW1
Version 1.2.0
Affected Versions Shenzhen Libituo Technology LBT-T300-HW1 1.2.0
Shenzhen Libituo Technology LBT-T300-HW1 1.2.1
Shenzhen Libituo Technology LBT-T300-HW1 1.2.2
Shenzhen Libituo Technology LBT-T300-HW1 1.2.3
Shenzhen Libituo Technology LBT-T300-HW1 1.2.4
Shenzhen Libituo Technology LBT-T300-HW1 1.2.5
Shenzhen Libituo Technology LBT-T300-HW1 1.2.6
Shenzhen Libituo Technology LBT-T300-HW1 1.2.7
Shenzhen Libituo Technology LBT-T300-HW1 1.2.8

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor Shenzhen Libituo Technology
Product LBT-T300-HW1
Version 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.