High severity8.8NVD Advisory· Published May 29, 2026· Updated Jun 8, 2026
CVE-2026-49195
CVE-2026-49195
Description
Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands.
Affected products
2- cpe:2.3:o:acer:predator_connect_w6x_firmware:*:*:*:*:*:*:*:*Range: <=w6x_gbl_2.00.000005
Patches
Vulnerability mechanics
References
1- community.acer.com/en/kb/articles/19672nvdVendor Advisory
News mentions
0No linked articles in our index yet.