CVE-2026-24498

Medium CVSS: 6.0

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.

Vendor

Iptime

Product

T5008 Firmware

CWE

CWE-200

Yayın Tarihi

2026-02-27 02:16:19

Güncelleme

2026-03-17 15:46:33

Source Identifier

vuln@krcert.or.kr

KEV Date Added

Kategoriler

CWE-200 T5008 Firmware MEDIUM Iptime 2026

Referanslar

https://iptime.com/iptime/?page_id=126&dffid=1&dfsid=15&dftid=589&uid=26901&mod=document https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71987

Benzer Kayıtlar

Medium

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpcon_check_session_url of the f…

Medium

CVE-2026-1742

A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commit_vpncl…

Medium

CVE-2026-1740

A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_session_url of the file…

Critical

CVE-2025-55423

A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the contr…

Medium

CVE-2025-50464

A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability ar…