CVE-2025-29329
Published: 12 January 2026
Description
Buffer Overflow in the ippprint (Internet Printing Protocol) service in Sagemcom F@st 3686 MAGYAR_4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request.
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the buffer overflow flaw in the ippprint service by requiring timely patching of the vulnerable firmware.
Enforces validation of crafted HTTP requests to the ippprint service, preventing buffer overflows from malicious inputs.
Implements memory protections such as non-executable stacks and address space randomization to block arbitrary code execution from buffer overflows.
Security SummaryAI
CVE-2025-29329 is a buffer overflow vulnerability, classified under CWE-120, affecting the ippprint service that implements the Internet Printing Protocol in Sagemcom F@st 3686 routers running firmware version MAGYAR_4.121.0. Published on 2026-01-12, the flaw enables a remote attacker to execute arbitrary code by sending a crafted HTTP request to the vulnerable service.
The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical. Any unauthenticated remote attacker with network access to the device can exploit it with low complexity and no user interaction required, achieving high-impact compromise of confidentiality, integrity, and availability through arbitrary code execution.
Vendor advisories and additional details are available at http://fst.com and http://sagemcom.com, while a proof-of-concept exploit is hosted at https://github.com/SilverS3c/Sagemcom-fast-3686-ippprint.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in public-facing ippprint service (IPP over HTTP) enables unauthenticated remote arbitrary code execution, directly facilitating T1190: Exploit Public-Facing Application.