CVE-2026-49200EPSS p27.2%

CVE-2026-49200CVE-2026-49200

acer / wave_7_firmware

Description

The acer_cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials (for web and Telnet), leading to unauthorized system access.

Scoring

CVSS 9.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.36% probability of exploitation · percentile 27.2% · 2026-06-19T12:03:05Z
Last modified2026-06-08

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-49197
CVE
CVE-2026-41032
CVE
CVE-2025-45620
CVE
CVE-2026-50226
CVE
CVE-2026-9212
CVE
CVE-2026-0408
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.