CVE-2026-7786

Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services...

CVE-2026-7786

The CVE-2026-7786 affects Jinan USR IOT’s USR-W610 RS232/485 to Wi‑Fi/Ethernet Converter. The firmware image contains plaintext administrative credentials that can be extracted via firmware analysis and used to authenticate to device services, enabling administrator access. Reported CVSS v3.1 sco...

USR-W610 信任管理问题漏洞

USR-W610 is an industrial-grade serial-to-Wi-Fi networking module developed by USR. The USR-W610 has a trust management vulnerability, which stems from the inclusion of plaintext management credentials in the firmware. This vulnerability could allow credentials to be extracted through firmware...

CVE-2026-26048 Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function

The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and disassociation frames to be broadcast without authentication or encryption. An attacker can use this to cause unauthorized disruptions and create a...

CVE-2026-24455

CVE-2026-24455 affects the embedded web interface of the Jinan USR IOT USR-W610. The interface does not support HTTPS/TLS and relies on HTTP Basic Authentication, meaning credentials are encoded but not encrypted and can be captured by anyone on the same network. Impact described in sources inclu...

Jinan USR IOT USR-W610 安全漏洞

Jinan USR IOT USR-W610 is a serial-to-Ethernet converter produced by the Jinan USR IOT company. There is a security vulnerability in the Jinan USR IOT USR-W610; this vulnerability stems from allowing administrator username and password values to be set to null, which may allow unauthenticated...