Critical severity9.8NVD Advisory· Published Feb 11, 2026· Updated Apr 15, 2026

CVE-2026-24789

Description

An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication.

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.