CVE-2026-1949— Incorrect calculation of buffer size on the stack in AS320T
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-1949
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrect calculation of buffer size on the stack in AS320T
Source: NVD (National Vulnerability Database)
Vulnerability Description
Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
缓冲区大小计算不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Delta Electronics AS320T 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Delta Electronics AS320T是中国台达电子(Delta Electronics)公司的一款用于工业自动化控制的高性能可编程逻辑控制器设备。 Delta Electronics AS320T存在安全漏洞,该漏洞源于Web服务的GET/PUT请求处理程序中栈上缓冲区大小计算不正确。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2026-1949
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-1949
请登录查看更多情报信息。
Same Patch Batch · DeltaWW · 2026-04-24 · 4 CVEs total
| CVE-2026-1951 | 9.8 CRITICAL | No checking of the length of the buffer with the directory name in AS320T |
| CVE-2026-1950 | 9.8 CRITICAL | No checking of the length of the buffer with the file name in AS320T |
| CVE-2026-1952 | 9.8 CRITICAL | Denial of service via the undocumented subfunction in AS320T |
IV. Related Vulnerabilities
Same vendor: DeltaWW
- CVE-2026-1951
No checking of the length of the buffer with the directory n - CVE-2026-1952
Denial of service via the undocumented subfunction in AS320T - CVE-2026-1950
No checking of the length of the buffer with the file name i - CVE-2026-5726
ASDA-Soft Stack-based Buffer Overflow Vulnerability - CVE-2026-3631
Buffer Over-read DoS Vulnerability in COMMGR2
Same weakness: CWE-131
V. Comments for CVE-2026-1949
No comments yet