CVE-2026-32296: Sipeed NanoKVM unauthenticated Wi-Fi configuration endpoint

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-32296

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Sipeed NanoKVM unauthenticated Wi-Fi configuration endpoint

Source: NVD (National Vulnerability Database)

Vulnerability Description

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate the KVM process.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

关键功能的认证机制缺失

Source: NVD (National Vulnerability Database)

Vulnerability Title

NanoKVM 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

NanoKVM是Sipeed开源的一个远程计算机控制设备。 NanoKVM 2.3.1之前版本存在安全漏洞，该漏洞源于Wi-Fi配置端点缺少适当安全检查，可能导致未经身份验证的攻击者更改配置的Wi-Fi网络或耗尽系统内存。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Sipeed	NanoKVM	0 ~ 2.3.1	-

II. Public POCs for CVE-2026-32296

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

kimi-k2.5 · 9555 chars

Paid plan includes:

In-depth vulnerability mechanism

Trigger conditions & impact

Full executable POC code

Exploit chain & mitigation

POC zip download

100+ AI POC generations per month

Upgrade Pro to unlock ¥99/month Sign up first

III. Intelligence Information for CVE-2026-32296

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same weakness: CWE-306

V. Comments for CVE-2026-32296

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2026-32296

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-32296

III. Intelligence Information for CVE-2026-32296

IV. Related Vulnerabilities

V. Comments for CVE-2026-32296

Leave a comment