Vulnerabilities

CVE-2026-32296

by Fred · 17/03/2026

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker’s choosing, or craft a request to exhaust the system memory and terminate the KVM process.

More information : https://eclypsium.com/blog/kvm-devices-the-keys-to-your-kingdom-are-hanging-on-the-network/

Similar

Tags: Cybersecurity Alert