PatchSiren cyber security CVE debrief
CVE-2025-29329 Sagemcom CVE debrief
A critical buffer overflow vulnerability was found in the ippprint service of Sagemcom F@st 3686 MAGYAR_4.121.0. This allows remote attackers to execute arbitrary code via crafted HTTP requests. The vulnerability has a CVSS score of 9.8, indicating critical severity. Network administrators and security teams managing Sagemcom F@st 3686 devices, especially those using MAGYAR_4.121.0 firmware, should prioritize patching. Evidence is based on the CVE record and NVD details. Immediate patching is recommended due to the potential for remote code execution.
- Vendor
- Sagemcom
- Product
- F@st 3686
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-12
- Original CVE updated
- 2026-07-05
- Advisory published
- 2026-01-12
- Advisory updated
- 2026-07-05
Who should care
Network administrators and security teams managing Sagemcom F@st 3686 devices, especially those using MAGYAR_4.121.0 firmware, should prioritize patching this vulnerability.
Technical summary
The CVE-2025-29329 vulnerability is a buffer overflow in the ippprint service of Sagemcom F@st 3686 MAGYAR_4.121.0. This service, part of the Internet Printing Protocol (IPP), is susceptible to remote exploitation. An attacker can execute arbitrary code by sending a specially crafted HTTP request. The vulnerability has a CVSS score of 9.8, indicating critical severity.
Defensive priority
Immediate patching is recommended due to the critical severity and potential for remote code execution. This vulnerability requires urgent attention to prevent potential exploitation.
Recommended defensive actions
- Apply the vendor-provided patch or update to a fixed version of the firmware.
- Implement network segmentation to limit access to the affected service.
- Monitor network traffic for suspicious HTTP requests.
- Conduct regular vulnerability scans and inventory checks.
Evidence notes
The CVE record and NVD details provide primary evidence for this vulnerability. However, specific exploit details or additional affected versions are not provided in the source corpus.
Official resources
-
CVE-2025-29329 CVE record
CVE.org
-
CVE-2025-29329 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Exploit, Third Party Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-01-12T22:16:07.660Z and has not been modified since then.