GHSA-rjmc-8p4f-6f8pHighCVSS 8.6

The device has a webserver that exposes a REST API authenticated with a constant token. The...

Published
June 16, 2026
Last Modified
June 16, 2026

🔗 CVE IDs covered (1)

📋 Description

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands (e.g. system reboot).

🔗 References (3)