CVE-2026-22316

{"id": "CVE-2026-22316", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2026-03-18T08:16:27.070", "references": [{"url": "https://certvde.com/de/advisories/VDE-2025-104", "source": "info@cert.vde.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack."}, {"lang": "es", "value": "Un atacante remoto con privilegios de usuario para la webUI puede usar la configuraci\u00f3n del nombre de archivo TFTP con una solicitud POST para desencadenar un desbordamiento de b\u00fafer basado en pila, lo que resulta en un ataque de DoS."}], "lastModified": "2026-03-18T14:52:44.227", "sourceIdentifier": "info@cert.vde.com"}