By weakness (CWE)
CWE-341: related vulnerabilities
CVEs classified under CWE-341. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-36609HIGH 7.3
A vulnerability in Mercusys AC12G (EU) V1 routers with firmware version AC12G(EU)_V1_200909 allows attackers on the network to recover administrator passwords. The router uses a static authentication nonce (a security token) that remains the same for requests from the same IP address, and combines this with weak password encoding. An attacker who captures authentication traffic can reverse-engineer the encoding to extract plaintext credentials, potentially gaining full administrative control of the router.