Refine your search
26 vulnerabilities found for Connect M6E 5G Portable WiFi Router by Acer
CVE-2026-50226 (GCVE-0-2026-50226)
Vulnerability from cvelistv5
Published
2026-06-04 09:34
Modified
2026-06-04 12:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Summary
Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:21:37.141918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:21:50.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links."
}
],
"value": "Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204: Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T09:34:34.536Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Firmware Theft \u0026 IMEI Spoofing via Connect-OTA",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50226",
"datePublished": "2026-06-04T09:34:34.536Z",
"dateReserved": "2026-06-04T09:22:14.582Z",
"dateUpdated": "2026-06-04T12:21:50.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50225 (GCVE-0-2026-50225)
Vulnerability from cvelistv5
Published
2026-06-04 09:29
Modified
2026-06-04 12:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:22:17.479059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:22:34.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The registration path\u0026nbsp;\u003ccode\u003e/v1/account/register\u003c/code\u003e\u0026nbsp;provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database."
}
],
"value": "The registration path\u00a0/v1/account/register\u00a0provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125: Flooding"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T09:29:57.573Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Account Creation Exhaustion",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50225",
"datePublished": "2026-06-04T09:29:57.573Z",
"dateReserved": "2026-06-04T09:22:14.582Z",
"dateUpdated": "2026-06-04T12:22:34.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50224 (GCVE-0-2026-50224)
Vulnerability from cvelistv5
Published
2026-06-04 09:26
Modified
2026-06-04 12:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
The web administration panel binds broadly to the public IPv6 address space on port [::]:8080 without default firewall limits, making internal API endpoints reachable over the WAN.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50224",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:56:27.057325Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:56:40.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The web administration panel binds broadly to the public IPv6 address space on port\u0026nbsp;\u003ccode\u003e[::]:8080\u003c/code\u003e\u0026nbsp;without default firewall limits, making internal API endpoints reachable over the WAN."
}
],
"value": "The web administration panel binds broadly to the public IPv6 address space on port\u00a0[::]:8080\u00a0without default firewall limits, making internal API endpoints reachable over the WAN."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Collect and Analyze Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T09:26:00.770Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated IPv6 WAN Management Exposure",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50224",
"datePublished": "2026-06-04T09:26:00.770Z",
"dateReserved": "2026-06-04T09:22:14.581Z",
"dateUpdated": "2026-06-04T12:56:40.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50214 (GCVE-0-2026-50214)
Vulnerability from cvelistv5
Published
2026-06-04 09:20
Modified
2026-06-04 13:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Summary
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50214",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T13:06:55.020712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T13:07:09.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The\u0026nbsp;\u003ccode\u003e/v1/Plan\u003c/code\u003e\u0026nbsp;service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans."
}
],
"value": "The\u00a0/v1/Plan\u00a0service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T09:20:37.959Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Shared Secret Quota Inflation",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50214",
"datePublished": "2026-06-04T09:20:37.959Z",
"dateReserved": "2026-06-04T01:29:10.112Z",
"dateUpdated": "2026-06-04T13:07:09.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50213 (GCVE-0-2026-50213)
Vulnerability from cvelistv5
Published
2026-06-04 07:39
Modified
2026-06-04 12:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50213",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:45:11.898511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:45:21.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The account validation endpoint\u0026nbsp;\u003ccode\u003e/v1/User/validate\u003c/code\u003e\u0026nbsp;returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings."
}
],
"value": "The account validation endpoint\u00a0/v1/User/validate\u00a0returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Collect and Analyze Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:39:21.829Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Bulk User Private Data Harvesting",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50213",
"datePublished": "2026-06-04T07:39:21.829Z",
"dateReserved": "2026-06-04T01:29:10.112Z",
"dateUpdated": "2026-06-04T12:45:21.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50212 (GCVE-0-2026-50212)
Vulnerability from cvelistv5
Published
2026-06-04 07:32
Modified
2026-06-04 12:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50212",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:41:15.737075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:41:30.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service."
}
],
"value": "Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125: Flooding"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:32:55.042Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary Remote Device Unbinding",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50212",
"datePublished": "2026-06-04T07:32:55.042Z",
"dateReserved": "2026-06-04T01:29:10.112Z",
"dateUpdated": "2026-06-04T12:41:30.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50211 (GCVE-0-2026-50211)
Vulnerability from cvelistv5
Published
2026-06-04 07:28
Modified
2026-06-04 12:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-134 - Use of Externally-Controlled Format String
Summary
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50211",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:42:55.801135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:43:05.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers."
}
],
"value": "Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134: Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:28:12.694Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Exposed Factory Testing App Boundaries",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50211",
"datePublished": "2026-06-04T07:28:12.694Z",
"dateReserved": "2026-06-04T01:29:10.112Z",
"dateUpdated": "2026-06-04T12:43:05.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50210 (GCVE-0-2026-50210)
Vulnerability from cvelistv5
Published
2026-06-04 07:22
Modified
2026-06-04 12:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryption.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:42:33.005484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:42:41.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryption."
}
],
"value": "The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryption."
}
],
"impacts": [
{
"capecId": "CAPEC-97",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-97: Cryptanalysis"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:22:44.897Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Weak Static Cryptographic Initialization Vectors",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50210",
"datePublished": "2026-06-04T07:22:44.897Z",
"dateReserved": "2026-06-04T01:29:10.112Z",
"dateUpdated": "2026-06-04T12:42:41.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50209 (GCVE-0-2026-50209)
Vulnerability from cvelistv5
Published
2026-06-04 07:17
Modified
2026-06-04 12:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Summary
Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:42:12.220163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:42:20.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Broadcast events allow malicious software to rewrite the device\u0027s default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker."
}
],
"value": "Broadcast events allow malicious software to rewrite the device\u0027s default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:17:54.018Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MDM Server Registration Overriding",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50209",
"datePublished": "2026-06-04T07:17:54.018Z",
"dateReserved": "2026-06-04T01:29:10.112Z",
"dateUpdated": "2026-06-04T12:42:20.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50208 (GCVE-0-2026-50208)
Vulnerability from cvelistv5
Published
2026-06-04 07:09
Modified
2026-06-04 12:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-330 - Use of Insufficiently Random Values
Summary
High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:41:51.553438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:41:58.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "High-risk\u0026nbsp;\u003ccode\u003eTrustAllCerts\u003c/code\u003e\u0026nbsp;routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic."
}
],
"value": "High-risk\u00a0TrustAllCerts\u00a0routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94: Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:09:45.754Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Permissive TrustAllCerts TLS Verification",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50208",
"datePublished": "2026-06-04T07:09:45.754Z",
"dateReserved": "2026-06-04T01:29:10.111Z",
"dateUpdated": "2026-06-04T12:41:58.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50207 (GCVE-0-2026-50207)
Vulnerability from cvelistv5
Published
2026-06-04 07:04
Modified
2026-06-04 12:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:22:47.284319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:22:56.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity."
}
],
"value": "The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62: Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:04:50.837Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Local Modem Manipulation via Binder Interfaces",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50207",
"datePublished": "2026-06-04T07:04:50.837Z",
"dateReserved": "2026-06-04T01:29:10.111Z",
"dateUpdated": "2026-06-04T12:22:56.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50206 (GCVE-0-2026-50206)
Vulnerability from cvelistv5
Published
2026-06-04 06:46
Modified
2026-06-04 12:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50206",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:23:39.503426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:24:42.537Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files."
}
],
"value": "Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248: Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:46:48.114Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VPN Command Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50206",
"datePublished": "2026-06-04T06:46:48.114Z",
"dateReserved": "2026-06-04T01:29:10.111Z",
"dateUpdated": "2026-06-04T12:24:42.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-50205 (GCVE-0-2026-50205)
Vulnerability from cvelistv5
Published
2026-06-04 06:43
Modified
2026-06-04 12:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Summary
System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:38:33.444474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:38:53.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data."
}
],
"value": "System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Collect and Analyze Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:43:00.057Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Plaintext Log Credential Leakage",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50205",
"datePublished": "2026-06-04T06:43:00.057Z",
"dateReserved": "2026-06-04T01:29:10.111Z",
"dateUpdated": "2026-06-04T12:38:53.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49204 (GCVE-0-2026-49204)
Vulnerability from cvelistv5
Published
2026-06-04 06:35
Modified
2026-06-04 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:40:16.122998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:40:26.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation."
}
],
"value": "Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204: Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:35:18.896Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Hard-coded AWS Cognito Testing Accounts",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49204",
"datePublished": "2026-06-04T06:35:18.896Z",
"dateReserved": "2026-05-28T02:47:39.776Z",
"dateUpdated": "2026-06-04T12:40:26.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49202 (GCVE-0-2026-49202)
Vulnerability from cvelistv5
Published
2026-06-04 06:30
Modified
2026-06-04 12:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49202",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:31:54.855209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:32:02.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft."
}
],
"value": "Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Collect and Analyze Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:30:57.145Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unverified Meeting Recording Endpoints \u0026 Permissive CORS",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49202",
"datePublished": "2026-06-04T06:30:57.145Z",
"dateReserved": "2026-05-28T02:47:39.776Z",
"dateUpdated": "2026-06-04T12:32:02.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49203 (GCVE-0-2026-49203)
Vulnerability from cvelistv5
Published
2026-06-04 06:25
Modified
2026-06-04 12:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:32:19.725502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:32:26.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted."
}
],
"value": "Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:25:22.841Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated eSIM Configuration Manipulation",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49203",
"datePublished": "2026-06-04T06:25:22.841Z",
"dateReserved": "2026-05-28T02:47:39.776Z",
"dateUpdated": "2026-06-04T12:32:26.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49194 (GCVE-0-2026-49194)
Vulnerability from cvelistv5
Published
2026-06-04 06:21
Modified
2026-06-04 12:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:34:09.517770Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:34:16.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The debugging routine\u0026nbsp;\u003ccode\u003eSCREEN_CLICK(5053)\u003c/code\u003e\u0026nbsp;enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface."
}
],
"value": "The debugging routine\u00a0SCREEN_CLICK(5053)\u00a0enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:21:01.353Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SCREEN_CLICK Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49194",
"datePublished": "2026-06-04T06:21:01.353Z",
"dateReserved": "2026-05-28T02:46:15.561Z",
"dateUpdated": "2026-06-04T12:34:16.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49193 (GCVE-0-2026-49193)
Vulnerability from cvelistv5
Published
2026-06-04 06:17
Modified
2026-06-04 12:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:34:40.655132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:34:54.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet."
}
],
"value": "Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Collect and Analyze Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T06:17:07.758Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Publicly Readable AWS S3 Telemetry Buckets",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49193",
"datePublished": "2026-06-04T06:17:07.758Z",
"dateReserved": "2026-05-28T02:46:15.561Z",
"dateUpdated": "2026-06-04T12:34:54.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49192 (GCVE-0-2026-49192)
Vulnerability from cvelistv5
Published
2026-06-04 05:43
Modified
2026-06-04 12:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:35:30.499644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:35:37.028Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping."
}
],
"value": "The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping."
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639: Probe System Files"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T05:43:55.875Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Summary Service Insecure Direct Object Reference",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49192",
"datePublished": "2026-06-04T05:43:55.875Z",
"dateReserved": "2026-05-28T02:46:15.561Z",
"dateUpdated": "2026-06-04T12:35:37.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49191 (GCVE-0-2026-49191)
Vulnerability from cvelistv5
Published
2026-06-04 05:36
Modified
2026-06-04 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:40:40.393873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:40:48.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages."
}
],
"value": "The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204: Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T05:36:09.221Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Exposed Hard-coded M3WebServer Backend API Key",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49191",
"datePublished": "2026-06-04T05:36:09.221Z",
"dateReserved": "2026-05-28T02:46:15.561Z",
"dateUpdated": "2026-06-04T12:40:48.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49190 (GCVE-0-2026-49190)
Vulnerability from cvelistv5
Published
2026-06-04 05:28
Modified
2026-06-04 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:39:52.145203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:40:01.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions."
}
],
"value": "The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248: Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T05:28:48.908Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Per-Instruction Authorization Checks",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49190",
"datePublished": "2026-06-04T05:28:48.908Z",
"dateReserved": "2026-05-28T02:46:15.560Z",
"dateUpdated": "2026-06-04T12:40:01.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49189 (GCVE-0-2026-49189)
Vulnerability from cvelistv5
Published
2026-06-04 05:23
Modified
2026-06-04 12:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:39:15.196605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:39:36.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations."
}
],
"value": "Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T05:23:10.183Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Broadcast Receiver Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49189",
"datePublished": "2026-06-04T05:23:10.183Z",
"dateReserved": "2026-05-28T02:46:15.560Z",
"dateUpdated": "2026-06-04T12:39:36.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49188 (GCVE-0-2026-49188)
Vulnerability from cvelistv5
Published
2026-06-04 04:08
Modified
2026-06-04 12:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-489 - Active Debug Code
Summary
The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:35:55.437201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:36:02.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The\u0026nbsp;\u003ccode\u003eai_cmd\u003c/code\u003e\u0026nbsp;utility executes with full root permissions. It pipes socket inputs directly to\u0026nbsp;\u003ccode\u003epopen()\u003c/code\u003e, paving the way for unauthenticated users to execute arbitrary root commands."
}
],
"value": "The\u00a0ai_cmd\u00a0utility executes with full root permissions. It pipes socket inputs directly to\u00a0popen(), paving the way for unauthenticated users to execute arbitrary root commands."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248: Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489: Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T04:08:08.913Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elevated Root Command Execution via ai_cmd Sockets",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49188",
"datePublished": "2026-06-04T04:08:08.913Z",
"dateReserved": "2026-05-28T02:46:15.560Z",
"dateUpdated": "2026-06-04T12:36:02.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49187 (GCVE-0-2026-49187)
Vulnerability from cvelistv5
Published
2026-06-04 03:50
Modified
2026-06-04 12:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:36:23.109610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:36:31.494Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse."
}
],
"value": "The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T03:50:11.957Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Hard-coded APK Resource Credentials \u0026 Scepters",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49187",
"datePublished": "2026-06-04T03:50:11.957Z",
"dateReserved": "2026-05-28T02:46:15.560Z",
"dateUpdated": "2026-06-04T12:36:31.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49186 (GCVE-0-2026-49186)
Vulnerability from cvelistv5
Published
2026-06-04 03:36
Modified
2026-06-04 12:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish rogue control commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:37:13.503833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:37:21.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (\u003ccode\u003e#\u003c/code\u003e\u0026nbsp;or\u0026nbsp;\u003ccode\u003e+\u003c/code\u003e) to enumerate hidden network devices or publish rogue control commands."
}
],
"value": "The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (#\u00a0or\u00a0+) to enumerate hidden network devices or publish rogue control commands."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 (Privilege Abuse/Access Control Bypass)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T03:36:59.864Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Lack of MQTT Broker Topic Access Control Lists",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49186",
"datePublished": "2026-06-04T03:36:59.864Z",
"dateReserved": "2026-05-28T02:46:15.560Z",
"dateUpdated": "2026-06-04T12:37:21.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49185 (GCVE-0-2026-49185)
Vulnerability from cvelistv5
Published
2026-06-04 02:55
Modified
2026-06-04 12:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS command injection')
Summary
The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Version: * < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:37:44.331515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:37:54.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The FieldX MDM adb messaging topic passes unverified payloads directly into\u0026nbsp;\u003ccode\u003eRuntime.exec()\u003c/code\u003e, allowing command/instruction injection."
}
],
"value": "The FieldX MDM adb messaging topic passes unverified payloads directly into\u00a0Runtime.exec(), allowing command/instruction injection."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper neutralization of special elements used in an OS command (\u0027OS command injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T03:06:33.226Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Instruction Injection via FieldX MDM",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-49185",
"datePublished": "2026-06-04T02:55:48.841Z",
"dateReserved": "2026-05-28T02:46:15.560Z",
"dateUpdated": "2026-06-04T12:37:54.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}