216.73.216.133

CVE-2026-24455

· Published 20/02/2026 17:25 · Modified 20/02/2026 18:57

Labels: CVE-2026-24455 2026-02-20CVE-2026-24455CWE-319[email protected]

Essential information

Published
20/02/2026 17:25
Modified
20/02/2026 18:57
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authentication. Traffic is encoded but not encrypted, exposing user credentials to passive interception by attackers on the same network.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / embedded web interface cpe:2.3:a:*:embedded_web_interface:*:*:*:*:*:*:*:*

References