Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
Critical

Stack Buffer Size Calculation Flaw in Delta Electronics AS320T Web Service GET/PUT Handler

IdentifiersCVE-2026-1949CWE-131· Incorrect Calculation of Buffer Size

CVE-2026-1949 affects the Delta Electronics AS320T. According to the provided content, the vulnerability is caused by an incorrect calculation of the buffer size on the stack in the web service's GET/PUT request handler. This is a memory-handling flaw classified as CWE-131. Because the vulnerable code is in the HTTP GET/PUT request processing path of the device web service, a remote attacker may be able to trigger improper stack-based memory operations by sending crafted requests to the exposed interface.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

The provided CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating remote exploitation over the network with low attack complexity, no privileges required, and no user interaction. Successful exploitation could have high impact on confidentiality, integrity, and availability. Based on the nature of the flaw, impact may include memory corruption leading to device compromise, unauthorized access to sensitive information, modification of device state or configuration, and denial of service.

Mitigation

If you can’t patch tonight, do this now.

If patching cannot be performed immediately, reduce exposure of the AS320T web service by restricting network access to trusted management hosts only, disabling or isolating the web interface where operationally feasible, placing the device behind firewalls or industrial segmentation controls, and blocking untrusted access to HTTP methods used by the vulnerable handler, including GET and PUT, if this can be done safely without disrupting operations. Continuous monitoring for unexpected requests to the device web service is also advisable.

Remediation

Patch, then assume compromise.

Apply the vendor-provided fix referenced in Delta Electronics advisory Delta-PCSA-2026-00006_AS320T Multiple vulnerabilities. Upgrade the AS320T to the patched firmware or software version specified by Delta Electronics for CVE-2026-1949. If exact fixed versions are needed, that information is not available in the provided content and should be confirmed directly from the vendor advisory.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
DeltawwAs320tapplication
DeltawwAs320t Firmwareoperating_system

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

4 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

4 SOURCESView more in app
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity3

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2026-1949
NVD
nvd.nist.gov/vuln/detail/CVE-2026-1949
MITRE CWE · CWE-131
Incorrect Calculation of Buffer Size
Vendor Advisory
filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00006_AS320T%20Multiple%20vulnerabilities%20(CVE-2026-1949,%201950,%201951,%201952).pdf