84 matches found
What One Predator Case Can Reveal About an Online Platform’s Safety Gaps
When a predator contacts a child through an online platform, the details of how it happened often expose…...
CVE-2026-49199
The CVE-2026-49199 entry describes a root‑level RCE via crafted MQTT messages, enabling command injection on the target device. Connected records identify Predator Connect W6x as affected (CVE-2026-49199 CVE Record). The core issue is a vulnerability in handling MQTT payloads that allows arbitrar...
CVE-2026-49199 Predator Connect W6x: RCE via MQTT
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49199 Predator Connect W6x: RCE via MQTT
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49198
CVE-2026-49198 affects Predator Connect W6x: MQTT broker. The issue is improper access control that enables wildcard topic subscriptions, which can expose all MQTT traffic to unauthorized actors. Documents do not specify the vulnerable component beyond the broker, nor do they provide version numb...
CVE-2026-49198 Predator Connect W6x: MQTT Broker Access Control
Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors...
CVE-2026-49198 Predator Connect W6x: MQTT Broker Access Control
Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors...
CVE-2026-49197 Predator Connect W6x: Improper Authentication
Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...
CVE-2026-49197 Predator Connect W6x: Improper Authentication
Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...
CVE-2026-49197
The CVE affects web endpoints used by the Acer Connect app, where the Authorization header is not properly validated. The underlying issue is improper handling of Base64 decoding failures, allowing requests that should be blocked. CVSS indicates a CRITICAL impact with high consequences for confid...
CVE-2026-49196 Predator Connect W6x: Web Interface Command Injection
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
CVE-2026-49196
Predator Connect W6x firmware exposes a web-interface command injection via the Wi‑Fi device blocking feature, caused by inadequate MAC address input sanitization. This permits arbitrary shell command execution through the affected component. The CVSS details indicate network access with high imp...
CVE-2026-49196 Predator Connect W6x: Web Interface Command Injection
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
CVE-2026-49195 Predator Connect W6x: unauthenticated Debug Service
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
CVE-2026-49195 Predator Connect W6x: unauthenticated Debug Service
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
CVE-2026-49195
The CVE CVE-2026-49195 affects Predator Connect W6x devices, where the /sbin/mtk_dut binary is exposed on TCP port 9000 with no authentication. This unauthenticated debug service allows any LAN-based attacker to execute arbitrary UCC commands. The associated CVSS v4.0 metrics indicate high impact...
Acer Predator Connect W6x 安全漏洞
The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a security vulnerability, which stems from improper access control in the MQTT proxy, allowing wildcard topic subscriptions, thereby exposin...
Acer Predator Connect W6x 安全漏洞
The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a security vulnerability. This vulnerability arises from the improper validation of the HTTP Authorization header by the Web endpoint of the...
Acer Predator Connect W6x 命令注入漏洞
The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a command injection vulnerability. This vulnerability arises from the program’s failure to effectively filter or sanitize malicious inputs i...
Acer Predator Connect W6x 代码注入漏洞
The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a code injection vulnerability, which stems from allowing injections and execution of arbitrary shell commands...