VYPR
High severity8.8NVD Advisory· Published May 29, 2026· Updated Jun 8, 2026

CVE-2026-49195

CVE-2026-49195

Description

Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.