Ezcast Pro Dongle Ii Firmware
CVE-2026-24346
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
AnalysisAI
EZCast Pro II v1.17478.146 uses well-known default credentials in the Admin UI enabling immediate administrative access to the wireless presentation system.
Technical ContextAI
EZCast Pro II v1.17478.146 has CWE-798 use of well-known default credentials in its Admin UI.
RemediationAI
Change default credentials. Segment presentation devices on dedicated networks.
Ezcast Pro Dongle Ii Firmware versions up to 1.17478.146 is affected by improper input validation (CVSS 8.8).
Ezcast Pro Dongle Ii Firmware versions up to 1.17478.146 is affected by improper input validation (CVSS 6.1).
Ezcast Pro Dongle Ii Firmware versions up to 1.17478.146 is affected by improper input validation (CVSS 5.3).
Same weakness CWE-798 – Use of Hard-coded Credentials
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today