CVE-2026-35089 Use of Weak Credentials in Slican telephone exchanges

🗓️ 27 May 2026 12:42:19Reported by CERT-PLType

CVE-2026-35089: Weak credentials in Slican exchanges enable unauthenticated key deduction and admin access.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2026-35089	27 May 202603:55	–	circl
CNNVD	Slican多款产品安全漏洞	27 May 202600:00	–	cnnvd
CVE	CVE-2026-35089	27 May 202612:42	–	cve
EUVD	EUVD-2026-32277	27 May 202615:33	–	euvd
NVD	CVE-2026-35089	27 May 202614:16	–	nvd
Positive Technologies	PT-2026-43700	27 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-35089	5 Jun 202619:10	–	redhatcve
Vulnrichment	CVE-2026-35089 Use of Weak Credentials in Slican telephone exchanges	27 May 202612:42	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "IPx",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.61.0040",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CCT-1668",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.56.0430",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MAC-6400",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.56.0430",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CXS-0424",
    "vendor": "Slican",
    "versions": [
      {
        "lessThan": "6.30.0510",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
cert	www.cert.pl/posts/2026/05/CVE-2026-35087

27 May 2026 12:42Current

CVSS 48.7

EPSS0.00589

CWE-1391