CVE-2026-5601

Acrel Electrical Prepaid Cloud Platform Backup File bin.rar information disclosure

CVSS 6.9 MEDIUMEPSS 0.3%CWE-200 CWE-284

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Productos afectados

Acrel Electrical · Prepaid Cloud Platform

PoCs públicas encontradas — 1

cve_referencegithub.com/3223892355/CVE/blob/main/001/report.mdno verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/3223892355/CVE/blob/main/001/report.md https://vuldb.com/submit/784693 https://vuldb.com/vuln/355393 https://vuldb.com/vuln/355393/cti