Back to CVE List

CVE-2026-24455

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Description

The embedded web interface of the device does not support HTTPS/TLS for
authentication and uses HTTP Basic Authentication. Traffic is encoded
but not encrypted, exposing user credentials to passive interception by
attackers on the same network.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-319
Source
NVD
Vendor
Jinan USR IOT Technology Limited (PUSR)
Product
USR-W610

External References

Discussion (0)

Add Comment

No comments yet. Be the first!