Stack-Based Buffer Overflow in IP-COM W30AP Wireless Access Point
CVE-2026-2017

9.3CRITICAL

Key Information:

Vendor

Ip-com

Status
W30ap
Vendor
CVE Published:
6 February 2026

What is CVE-2026-2017?

A vulnerability exists in the IP-COM W30AP wireless access point that could lead to a stack-based buffer overflow due to improper handling of input in the R7WebsSecurityHandler function. Specifically, manipulation of the 'data' argument in the POST Request Handler (/goform/wx3auth) can allow attackers to execute code remotely. This flaw poses significant risks to network security, as it potentially allows unauthorized control over the affected devices. Early disclosures to the vendor received no response, indicating a critical need for user awareness and mitigation strategies.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

W30AP 1.0.0.11(1340)

References

https://vuldb.com/?id.344599
vdb-entrytechnical-description
https://vuldb.com/?ctiid.344599
signaturepermissions-required
https://vuldb.com/?submit.744062
third-party-advisory

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

GuoXB (VulDB User)
JSON
.