2026-03-17 17:19:55
cisa-cg
PUBLISHED
Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attackers choosing, or craft a request to exhaust the system memory and terminate the KVM process.