CVE-2026-35089

🗓️ 27 May 2026 12:42:19Reported by CERT-PLType

Unauthenticated attackers can deduce the secure key in Slican exchanges from predictable generation and obtain admin credentials.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2026-35089	27 May 202603:55	–	circl
CNNVD	Slican多款产品安全漏洞	27 May 202600:00	–	cnnvd
Cvelist	CVE-2026-35089 Use of Weak Credentials in Slican telephone exchanges	27 May 202612:42	–	cvelist
EUVD	EUVD-2026-32277	27 May 202615:33	–	euvd
NVD	CVE-2026-35089	27 May 202614:16	–	nvd
Positive Technologies	PT-2026-43700	27 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-35089	5 Jun 202619:10	–	redhatcve
Vulnrichment	CVE-2026-35089 Use of Weak Credentials in Slican telephone exchanges	27 May 202612:42	–	vulnrichment

Vulners

Node

slican ipxRange<6.61.0040

slican cct-1668Range<6.56.0430

slican mac-6400Range<6.56.0430

slican cxs-0424Range<6.30.0510

[
  {
    "defaultStatus": "unaffected",
    "product": "IPx",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.61.0040",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CCT-1668",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.56.0430",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MAC-6400",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.56.0430",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CXS-0424",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.30.0510",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
cert	www.cert.pl/posts/2026/05/CVE-2026-35087

17 Jun 2026 10:40Current

5.8Medium risk

Vulners AI Score5.8

CVSS 48.7

EPSS0.00589

SSVC

CWE-1391