CVE-2026-36613
Published
CVSS v3
4.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers.
15 CVEs in Mercusys AC12G (EU) V1 - 2 Critical, 4 High, 8 Medium, 1 Low
GitHub