← back
CVE-2026-36355

CVE-2026-36355

CVSS 7.7 HIGHEPSS 0.7%CWE-200CWE-782CWE-787
The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks on the write_mem (ioctl 0x89F5) and read_mem (ioctl 0x89F6) debug handlers, which are compiled into production builds via the unconditionally defined _IOCTL_DEBUG_CMD_ macro in 8192cd_cfg.h
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/52580unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://realtek.comhttps://github.com/totekuh/CVE-2026-36355