Wi-Fi Configuration Vulnerability in Sipeed NanoKVM Product by Sipeed
CVE-2026-32296
8.8HIGH
What is CVE-2026-32296?
The Sipeed NanoKVM product before version 2.3.1 is susceptible to a security issue that allows unauthenticated attackers with network access to manipulate the device's Wi-Fi configuration. This weakness not only permits attackers to replace the stored Wi-Fi network with one of their choosing but can also lead to a Denial of Service (DoS) by exhausting system memory, thereby terminating critical KVM processes. Proper security checks are absent on the Wi-Fi configuration endpoint, making this a substantial risk for users.
Affected Version(s)
NanoKVM 0 < 2.3.1
NanoKVM 2.3.1
