By weakness (CWE)

CWE-307: related vulnerabilities

CVEs classified under CWE-307. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

4 published vulnerabilities

  • CVE-2026-36607HIGH 8.8

    A vulnerability in Mercusys AC12G (EU) V1 routers allows attackers on the same local network to repeatedly guess the administrator password without limit. Unlike the normal login interface which enforces rate limiting, the password change feature in the router's management protocol accepts unlimited guesses, giving attackers a straightforward path to full administrative access.

  • CVE-2026-35675HIGH 8.2

    phpMyFAQ versions before 4.1.3 contain a critical flaw in their password reset mechanism that completely bypasses authentication checks. An attacker does not need valid credentials or access to a victim's email to reset passwords—they can simply request a password reset for any user account, and the system grants it without verification. This means attackers can take over any account, including administrator accounts, giving them full control of the FAQ system and potentially the underlying server.

  • CVE-2026-36612MEDIUM 6.4

    The Mercusys AC12G (EU) router with firmware version AC12G(EU)_V1_200909 ships with Wi-Fi Protected Setup (WPS) enabled by default. WPS is a feature designed to simplify device pairing, but this implementation has a critical weakness: after just 10 failed PIN guesses, the device locks out for only 60 seconds. This short lockout window makes brute-force attacks against the WPS PIN feasible within a reasonable timeframe, potentially allowing an attacker within wireless range to gain administrative access to the router.

  • CVE-2026-10216LOW 3.7

    A vulnerability has been discovered in unitedbyai droidclaw version 0.5.3 and earlier that weakens authentication security on the claim endpoint. The flaw allows attackers to bypass rate limiting or account lockout protections during login attempts, potentially enabling brute-force attacks to guess user credentials. While a public exploit exists, the attack requires specific conditions and technical skill to execute successfully. The vendor has been notified but has not yet released a fix.