CVE-2026-36606: Mercusys AC12G V1 Hardcoded DES Encryption in Configuration Backups
Mercusys AC12G (EU) V1 routers running firmware version AC12G(EU)_V1_200909 store backup files that are encrypted with a hardcoded, publicly discoverable key using weak encryption. Anyone who obtains a backup file—whether through direct device access, cloud storage misconfiguration, or phishing—can decrypt it and extract sensitive credentials including the admin password, WiFi pre-shared key, and DDNS login information. This is a local attack that depends on an attacker first gaining access to the backup file itself.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 7.1 HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
- Weaknesses (CWE)
- CWE-798
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-03 / 2026-06-17
NVD description (verbatim)
Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials.
1 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability stems from the use of single DES (Data Encryption Standard) in ECB (Electronic Codebook) mode with a hardcoded encryption key to protect configuration backups. Single DES, standardized in the 1970s, is cryptographically broken and should never be used for new systems. ECB mode is inherently weak because identical plaintext blocks encrypt to identical ciphertext blocks, leaking information about the data structure. The hardcoded key means no entropy or uniqueness exists per device or backup. When a backup file is obtained, an attacker can readily decrypt it using publicly available tools and the known key to recover all credentials stored within the configuration.
Business impact
Compromise of admin credentials and WiFi keys undermines the security perimeter of affected networks. An attacker with the admin password can reconfigure the router, redirect traffic, disable security features, or use it as a pivot point into the network. Leaked WiFi PSK enables unauthorized network access. Compromised DDNS credentials may allow an attacker to hijack the dynamic DNS service, redirecting legitimate users to malicious sites or disrupting connectivity. For organizations, this threatens confidentiality of network data, availability of services, and potentially integrity of connected systems and users.
Affected systems
The vulnerability affects Mercusys AC12G (EU) V1 routers with firmware version AC12G(EU)_V1_200909. Mercusys is a budget-oriented subsidiary brand of TP-Link. The AC12G is a common entry-level WiFi router deployed in small offices, homes, and branch offices across Europe. The affected firmware version should be verified against your specific device; other firmware versions and models may or may not be affected. No vendor product list was provided in the advisory data; check Mercusys support pages and your inventory for affected units.
Exploitability
Exploitation requires local access to a backup file. The attacker does not need to interact with the running router or authenticate to it during the attack itself. Backup files may be accessible through several vectors: direct USB or SD card access if the device is physically compromised, accidental exposure in cloud storage or file shares, email interception or archive repositories, or social engineering. The decryption step is trivial once the backup is obtained—single DES with a known key can be broken in seconds using commodity hardware or online tools. This is not an over-the-network remote code execution vulnerability, but it significantly lowers the bar for credential theft.
Remediation
Mercusys should issue a firmware update that replaces single DES-ECB encryption with a modern cipher such as AES-256 in GCM mode, uses a cryptographically secure random key derived from device-unique material, and implements authenticated encryption. Until an update is available, mitigations include restricting physical access to devices, ensuring backup files are not exported or stored in accessible locations, enforcing strong admin passwords, and monitoring for unauthorized admin access. Do not rely on the backup encryption as your only control; assume backups are plaintext.
Patch guidance
Verify the latest available firmware version for the Mercusys AC12G (EU) V1 on the official Mercusys support website. Download the firmware image directly from Mercusys, not from third-party sources. Connect to the router's admin interface and navigate to System Tools > Firmware Upgrade. Upload the new firmware image and allow the upgrade to complete without interruption. The router will restart automatically. After the upgrade, verify the new firmware version in the System Tools > System Parameters page. If a patch that specifically addresses this encryption issue is not yet available from Mercusys, request an ETA from their support channel. In the meantime, apply compensating controls as outlined in Remediation.
Detection guidance
Monitor for unauthorized access to router admin accounts by reviewing login logs in the router's admin interface or any centralized logging system. Check for unusual configuration changes or firmware modifications. If you export backup files, store them with strict access controls and encrypt them again with a strong, independently managed key before storage or transmission. Periodically audit which devices and users have access to backup files. If you suspect a backup has been obtained by an unauthorized party, immediately change the admin password, WiFi PSK, and DDNS credentials. Review router logs for any administrative actions that may indicate compromise.
Why prioritize this
Although this is a local attack requiring prior access to a backup file, the consequences are severe: full credential compromise of the router's administrative interface. For any organization where branch offices, field sites, or employee homes host these routers, the risk of physical compromise or careless backup storage is real. The use of broken encryption is indefensible and indicates lack of security rigor in the vendor's design. Prioritization depends on your environment: if AC12G V1 units are in high-security zones with strict physical controls, the risk is lower; if they are in distributed, less-controlled locations, prioritize firmware updates and backup controls immediately.
Risk score, explained
The CVSS 3.1 score of 7.1 (HIGH) reflects high impact (confidentiality and integrity both scored as High) but recognizes that an attacker must have local access to a backup file and low privilege on the local system. The score appropriately penalizes the severity of credential exposure while acknowledging that remote exploitation without prior access is not possible. This is a classic case where CVSS alone should not drive your decision; consider your specific exposure to AC12G V1 devices and the likelihood of backup file compromise in your threat model.
Frequently asked questions
What exactly can an attacker do if they decrypt a backup file?
They recover the router's admin password, WiFi PSK, DDNS username and password, and any other credentials or configurations stored in the backup. They do not immediately gain remote access to the router, but these credentials allow them to reconfigure it, change security settings, redirect DNS, or access the WiFi network. They may also use the admin credentials to access the web interface remotely if the router is exposed to the Internet.
Do all Mercusys routers use hardcoded DES encryption for backups?
No, this specific vulnerability affects the AC12G (EU) V1 with firmware AC12G(EU)_V1_200909. Other models and firmware versions may use different encryption or may be unaffected. Check the official Mercusys support site and your device labels to confirm your exact model and firmware version.
If we use strong admin passwords, are we protected?
No. A strong admin password is still recoverable from a decrypted backup file. Do not rely on password strength to mitigate this vulnerability. You must prevent unauthorized access to backup files and implement proper encryption independently of the backup mechanism.
What should we do if we can't upgrade to a patched firmware immediately?
Immediately change your WiFi PSK, admin password, and DDNS credentials. Store any exported backups with strict access controls, preferably encrypted separately with AES-256 and a key unrelated to the device. Restrict physical access to affected routers. Disable remote management on the router if possible. Monitor admin access logs closely. Prioritize upgrading the firmware as soon as a patch is available.
This analysis is based on the CVE record and published advisory information as of June 2026. Mercusys may release patches or additional guidance after this publication. Verify all patch versions, supported device models, and remediation steps against the official Mercusys security advisories before deploying changes to production systems. SEC.co makes no warranty regarding the completeness, accuracy, or suitability of this information for your specific environment. Always conduct your own risk assessment and testing in a controlled environment before applying patches or configuration changes to production equipment. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2019-25722HIGHHard-Coded Credentials and DoS in Dräger Patient Monitoring Devices
- CVE-2026-21404MEDIUMNAVTOR NavBox Hard-Coded SOAP Credentials Allow Local File Modification
- CVE-2026-25600MEDIUMPDBM Hard-Coded Encryption Secret Vulnerability
- CVE-2026-36616MEDIUMMercusys AC12G Hardcoded WiFi Credentials Vulnerability
- CVE-2018-25382HIGHZechat 1.5 SQL Injection Vulnerability – Unauthenticated Database Access
- CVE-2018-25383HIGHFree MP3 CD Ripper 2.8 Stack Overflow – ROP and DEP Bypass Risk
- CVE-2018-25385HIGHUnauthenticated SQL Injection in E-Registrasi Pencak Silat 18.10
- CVE-2018-25386HIGHSQL Injection in HaPe PKH 1.1 Admin Interface