Acer Connect M6E CVE-2026-50225

EUVD-2026-34230 | HIGH
Missing Authentication for Critical Function (CWE-306)
2026-06-04 Acer GHSA-82fg-pv3h-fmhc
8.8
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
8.8 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: X

Lifecycle Timeline

  • Analysis Generated: Jun 04, 2026 - 12:20 (vuln.today)
  • CVSS changed: Jun 04, 2026 - 10:22 (NVD), 8.8 (HIGH)
  • CVE Published: Jun 04, 2026 - 09:29 (NVD), UNKNOWN (no severity yet)

Description (CVE.org)

The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database.

Analysis (AI)

Database flooding via unauthenticated abuse of Acer Connect M6E 5G Portable WiFi Router's registration endpoint allows remote attackers to exhaust storage by repeatedly invoking /v1/account/register without rate limiting, CAPTCHA, or other bot mitigation. The flaw affects firmware up to and including M6E_AI_1.00.000019 and carries a CVSS 4.0 score of 8.8 driven primarily by a high availability impact; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Associate to M6E WLAN or reach management API
  • Delivery: Enumerate /v1/account/register endpoint
  • Exploit: Script high-volume POST requests with randomized accounts
  • Execution: Bypass absent bot mitigation
  • Persist: Flood router account database
  • Impact: Degrade or deny registration and device availability

Vulnerability Assessment (AI)

Exploitation: Network reachability to the router's HTTP management API endpoint /v1/account/register is required - in typical deployments this means the attacker must be associated with the M6E's WLAN or otherwise on a network path to the device's management interface; no credentials, no user interaction, and no special server-side configuration are required because the endpoint ships without any rate limiting, CAPTCHA, or bot mitigation. …

Risk Assessment: Signals partially conflict. …

Exploit Scenario: An attacker on the same WLAN as a Connect M6E (or reaching it via any exposed management path) scripts repeated HTTP POSTs to /v1/account/register with randomized payloads, inserting thousands of bogus account records per minute. Within minutes the router's account/user storage fills, causing degraded or failed legitimate registrations, web-UI errors, or device instability; no public POC is referenced but the request is trivial to reproduce with curl or a short script.

Remediation: No vendor-released patch version is identified at time of analysis from the provided data; the Acer community KB article at https://community.acer.com/en/kb/articles/19707 should be consulted for the current fixed firmware build superseding M6E_AI_1.00.000019, and the device updated via its built-in firmware update mechanism. …
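
Until a fixed firmware build is installed, registration bursts can be flagged from request logs taken on the network path to the device. The sketch below is an added example, not vendor or vuln.today code; it assumes a simple log format (`<ISO time> <source> <method> <path> <status>`), a 60-second window and a threshold of 5, all of which are illustrative choices, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

REGISTER_PATH = "/v1/account/register"  # endpoint named in the CVE description
WINDOW = timedelta(seconds=60)          # assumption: tune to the deployment
THRESHOLD = 5                           # assumption: registrations per source per window


def parse_line(line):
    """Parse '<ISO time> <src> <method> <path> <status>'; return None if malformed."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    # Drop any query string so '/v1/account/register?x=1' still matches.
    return ts, parts[1], parts[2].upper(), parts[3].split("?", 1)[0]


def find_register_floods(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {source: (first_alert_time, peak_count)}; lines must be time-ordered."""
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    alerts = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ts, src, method, path = rec
        if method != "POST" or path.rstrip("/") != REGISTER_PATH:
            continue
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > threshold:
            first, peak = alerts.get(src, (ts, 0))
            alerts[src] = (first, max(peak, len(q)))
    return alerts


# Constructed sample traffic (not captured from a real device).
SAMPLE = [f"2026-06-04T12:00:{s:02d} 192.168.1.50 POST /v1/account/register 200"
          for s in range(0, 24, 2)]
SAMPLE += ["2026-06-04T12:00:05 192.168.1.20 POST /v1/account/register 200",
           "2026-06-04T12:03:40 192.168.1.20 POST /v1/account/register 200",
           "2026-06-04T12:00:07 192.168.1.20 GET / 200",
           "truncated line"]

if __name__ == "__main__":
    for src, (first, peak) in find_register_floods(SAMPLE).items():
        print(f"{src}: first alert {first.isoformat()}, peak {peak} in window")
```

Per-source counting misses a client that rotates its address, so a second counter keyed on the endpoint alone is a useful complement.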

Recommended Action (AI)

Within 24 hours: Inventory all Acer Connect M6E 5G routers in production and document firmware versions; assess whether devices are internet-accessible or used in security-sensitive roles. …

CVE-2026-49185 CRITICAL
10.0 Jun 04

Unauthenticated remote command injection in Acer Connect M6E 5G Portable WiFi Router (firmware ≤ M6E_AI_1.00.000019) all

CVE-2026-49190 CRITICAL
9.4 Jun 04

Command injection in the Acer Connect M6E 5G Portable WiFi Router allows authenticated remote attackers to install arbit

CVE-2026-49194 CRITICAL
9.4 Jun 04

Authentication bypass in the Acer Connect M6E 5G Portable WiFi Router allows low-privileged remote attackers to reach a

CVE-2026-49191 CRITICAL
9.3 Jun 04

Authentication bypass in the Acer Connect M6E 5G Portable WiFi Router's M3WebServer production build exposes hard-coded

CVE-2026-50214 CRITICAL
9.3 Jun 04

Authentication bypass in the Acer Connect M6E 5G Portable WiFi Router (firmware ≤ M6E_AI_1.00.000019) allows remote atta

CVE-2026-50209 CRITICAL
9.3 Jun 04

Privilege escalation via MDM endpoint hijack in the Acer Connect M6E 5G Portable WiFi Router (firmware ≤M6E_AI_1.00.0000

CVE-2026-50208 CRITICAL
9.2 Jun 04

Cryptographic weaknesses in the Acer Connect M6E 5G Portable WiFi Router (firmware versions through M6E_AI_1.00.000019)

CVE-2026-50205 HIGH
8.8 Jun 04

Sensitive information disclosure in the Acer Connect M6E 5G Portable WiFi Router exposes cleartext SMTP authentication p

CVE-2026-49202 HIGH
8.8 Jun 04

Unauthenticated exposure of internal multimedia session archives in the Acer Connect M6E 5G Portable WiFi Router lets re

CVE-2026-50211 HIGH
8.8 Jun 04

Exposed factory diagnostics in Acer Connect M6E 5G Portable WiFi Router (firmware M6E_AI_1.00.000019 and earlier) allow

CVE-2026-49193 HIGH
8.7 Jun 04

Public exposure of telemetry data affects Acer Connect M6E 5G Portable WiFi Router, where misconfigured cloud storage co

CVE-2026-49187 HIGH
8.7 Jun 04

Information disclosure in the Acer Connect M6E 5G Portable WiFi Router (firmware versions up to and including M6E_AI_1.0
