A vulnerability labeled as critical has been found in EFM ipTIME NAS1dual 1.5.24 . This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi . Such manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2026-7834 . The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.