FL NAT 2208
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-22319 | 0.00 | — | 0.00 | Mar 18, 2026 | A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack. | |||
| CVE-2026-22318 | 0.00 | — | 0.00 | Mar 18, 2026 | A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack. | |||
| CVE-2026-22317 | 0.00 | — | 0.01 | Mar 18, 2026 | A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges. | |||
| CVE-2026-22316 | 0.00 | — | 0.00 | Mar 18, 2026 | A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack. |
- CVE-2026-22319Mar 18, 2026risk 0.00cvss —epss 0.00
A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack.
- CVE-2026-22318Mar 18, 2026risk 0.00cvss —epss 0.00
A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack.
- CVE-2026-22317Mar 18, 2026risk 0.00cvss —epss 0.01
A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges.
- CVE-2026-22316Mar 18, 2026risk 0.00cvss —epss 0.00
A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack.
Page 2 of 2