HIGH SeverityCVSS 3.17.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2026-7287

Last updated May 12, 2026 · Published May 12, 2026

Description

** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C0 could allow an attacker to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request to a vulnerable device.

Affected products

1 listed

Zyxel:NWA1100-N firmware

Mappings

CWE

CWE-120

CAPEC

None listed.

Guides

Rate Limiting in Node.jsPatterns for APIs, login endpoints, and abuse control.

Training

API Design That Defends ItselfREST, GraphQL, and gRPC patterns that reduce your attack surface by design.

CVE-2026-7287

Description

Affected products

Mappings

Related