CRITICAL🇵🇱 Wersja polska

CVE-2025-29329

CVSS 9.8v3.1pub. 2026-01-12upd. 2026-07-05

Buffer Overflow in the ippprint (Internet Printing Protocol) service in Sagemcom F@st 3686 MAGYAR_4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request.

🤖 AI Analysis
How it works

The ippprint service running on the device does not properly validate the length of input data transmitted in HTTP requests, leading to a buffer overflow (CWE-120). An attacker sends a specially crafted HTTP request to the vulnerable service, causing memory areas outside the intended buffer to be overwritten. As a result, it is possible to hijack the program execution flow and execute arbitrary code on the device side.

Impact

An unauthenticated remote attacker can execute arbitrary code on the device (RCE), which in practice means complete takeover of the router, including the ability to modify network configuration, intercept network traffic, or use the device as an entry point to the local network.

Mitigation & patch

Apply patches available from the manufacturer according to the references. If an update is not available, it is recommended to restrict network access to the ippprint service at the firewall level or disable this service if it is not required.

Who is affected

Sagemcom F@st 3686 with firmware version MAGYAR_4.121.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sagemcom F\@st 3686

    HW
    Sagemcom
    wszystkie wersje
  • Sagemcom F\@st 3686 Firmware

    OS
    Sagemcom
    4.121.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2021-3304CRITICAL9.8ten sam produkt

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI.

CVE-2024-1623HIGH7.7ten sam produkt

Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This vulnerabilit...

CVE-2019-19494HIGH8.8ten sam produkt

Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote...

CVE-2020-21733MEDIUM6.1ten sam produkt

Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.a...

CVE-2020-24034HIGH8.8ten sam vendor

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authe...