Filtered by vendor Acer
Subscribe
Total
55 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6121 | 1 Acer | 1 Lunchapp.aplunch | 2026-06-16 | 9.3 HIGH | N/A |
| Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method. | |||||
| CVE-2026-50224 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-08 | N/A | 4.9 MEDIUM |
| The web administration panel binds broadly to the public IPv6 address space on port [::]:8080 without default firewall limits, making internal API endpoints reachable over the WAN. | |||||
| CVE-2026-50225 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-08 | N/A | 9.1 CRITICAL |
| The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database. | |||||
| CVE-2026-50226 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-08 | N/A | 5.3 MEDIUM |
| Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links. | |||||
| CVE-2026-50214 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-08 | N/A | 9.8 CRITICAL |
| The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans. | |||||
| CVE-2026-49201 | 1 Acer | 2 Wave 7, Wave 7 Firmware | 2026-06-08 | N/A | 9.8 CRITICAL |
| The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system backups, facilitating persistent backdoor injection. | |||||
| CVE-2026-49198 | 1 Acer | 2 Predator Connect W6x, Predator Connect W6x Firmware | 2026-06-08 | N/A | 4.9 MEDIUM |
| Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors. | |||||
| CVE-2026-49197 | 1 Acer | 2 Predator Connect W6x, Predator Connect W6x Firmware | 2026-06-08 | N/A | 9.8 CRITICAL |
| Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails. | |||||
| CVE-2026-49196 | 1 Acer | 2 Predator Connect W6x, Predator Connect W6x Firmware | 2026-06-08 | N/A | 7.2 HIGH |
| The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands. | |||||
| CVE-2026-49195 | 1 Acer | 2 Predator Connect W6x, Predator Connect W6x Firmware | 2026-06-08 | N/A | 8.8 HIGH |
| Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands. | |||||
| CVE-2026-49200 | 1 Acer | 2 Wave 7, Wave 7 Firmware | 2026-06-08 | N/A | 9.8 CRITICAL |
| The acer_cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials (for web and Telnet), leading to unauthorized system access. | |||||
| CVE-2026-9490 | 1 Acer | 1 Care Center | 2026-06-04 | N/A | 5.5 MEDIUM |
| A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message (message type 0x03) to the pipe, causing the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED). To mitigate this potential local service disruption, Acer requires users to update the software to the latest version. | |||||
| CVE-2026-49199 | 1 Acer | 2 Predator Connect W6x, Predator Connect W6x Firmware | 2026-06-04 | N/A | 9.8 CRITICAL |
| Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device. | |||||
| CVE-2026-49186 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 9.8 CRITICAL |
| The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish rogue control commands. | |||||
| CVE-2026-49185 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 9.8 CRITICAL |
| The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection. | |||||
| CVE-2026-49187 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 7.5 HIGH |
| The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse. | |||||
| CVE-2026-49188 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 9.8 CRITICAL |
| The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands. | |||||
| CVE-2026-49189 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 7.8 HIGH |
| Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations. | |||||
| CVE-2026-49190 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 8.8 HIGH |
| The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions. | |||||
| CVE-2026-49191 | 1 Acer | 2 Connect M6e 5g, Connect M6e 5g Firmware | 2026-06-04 | N/A | 9.8 CRITICAL |
| The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. | |||||