CVE-2026-25715
Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements
The web management interface of the device allows the administrator
username and password to be set to blank values. Once applied, the
device permits authentication with empty credentials over the web
management interface and Telnet service. This effectively disables
authentication across all critical management channels, allowing any
network-adjacent attacker to gain full administrative control without
credentials.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Jinan USR IOT Technology Limited (PUSR) · USR-W610Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →