10
CVE-2026-49197
- EPSS 0.33%
- Veröffentlicht 29.05.2026 08:24:06
- Zuletzt bearbeitet 08.06.2026 12:33:12
- Quelle 8fc372e3-d9c5-46e4-9410-384697
- CVE-Watchlists
- Unerledigt
Predator Connect W6x: Improper Authentication
Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Acer ≫ Predator Connect W6x Firmware Version <= w6x_gbl_2.00.000005
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.248 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 8fc372e3-d9c5-46e4-9410-38469745c639 | 10 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
https://community.acer.com/en/kb/articles/19672