CVE Catalog
CVE-2026-35075
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.47%
37th percentile — higher than 37% of all known CVEs
Summary
An unauthenticated remote attacker can recover a default, hard-coded password from a firmware image, gaining full access to all affected devices.
Risk Assessment
The risk is that an attacker can gain full control over devices without authentication, potentially compromising confidentiality, integrity, and availability of systems.
Recommendation
Immediately update the firmware to a version that removes the hard-coded password and change default passwords on all devices.
Original NVD description (English source)
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.

