Critical severity9.8NVD Advisory· Published May 29, 2026· Updated Jun 8, 2026
CVE-2026-49197
CVE-2026-49197
Description
Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails.
Affected products
2- cpe:2.3:o:acer:predator_connect_w6x_firmware:*:*:*:*:*:*:*:*Range: <=w6x_gbl_2.00.000005
Patches
Vulnerability mechanics
References
1- community.acer.com/en/kb/articles/19672nvdVendor Advisory
News mentions
0No linked articles in our index yet.