Buffer Overflow Vulnerability in Zyxel NWA1100-N Customized Firmware
CVE-2026-7287

7.5HIGH

Key Information:

Vendor: Zyxel
Status: Nwa1100-n Firmware
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-7287?

A buffer overflow vulnerability exists in the functions formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() within the 'webs' binary of the Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C0. This vulnerability allows an attacker to exploit the device by sending specifically crafted HTTP requests, potentially leading to a denial-of-service (DoS) condition, thus impairing device availability and functionality.

Affected Version(s)

NWA1100-N firmware 1.00(AACE.1)C0

References

https://www.zyxel.com/global/en/support/end-of-life

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Apr 28, 2026

CVE-2026-7287 Data

JSON