CVE Catalog

CVE-2026-36933

MediumCVSS 6.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile — higher than 6% of all known CVEs

Summary

An issue in Boyleep K11 with y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature.

Risk Assessment

Attackers can exploit this vulnerability to gain control over the device, potentially leading to serious security implications.

Recommendation

It is recommended to update the firmware to the latest version to mitigate this vulnerability and to restrict physical access to the device.

Original NVD description (English source)

An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS