216.73.217.86

CVE-2026-26049

· Published 20/02/2026 17:25 · Modified 20/02/2026 18:57

Labels: CVE-2026-26049 2026-02-20CVE-2026-26049CWE-522[email protected]

Essential information

Published
20/02/2026 17:25
Modified
20/02/2026 18:57
Author
Creator
CVSS
5.7 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CVSS metrics

Description

The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form caching.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / * cpe:2.3:a:*:*:*:*:*:*:*:*:*:*

References