upload.cgi

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-49201	Acer upload.cgi	Cri	0.64	9.8	0.00		May 29, 2026	The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system backups, facilitating persistent backdoor injection.

CVE-2026-49201CriMay 29, 2026
Acer
upload.cgi
risk 0.64cvss 9.8epss 0.00
The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system backups, facilitating persistent backdoor injection.