Skip to main content

GNCC GP5 EUVDEUVD-2026-34277

| CVE-2026-36174 MEDIUM
Plaintext Storage of a Password (CWE-256)
2026-06-04 mitre GHSA-wcjq-xfxv-x7mx
4.6
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
4.6 MEDIUM
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Analysis Generated
Jun 08, 2026 - 15:39 vuln.today
CVSS changed
Jun 08, 2026 - 15:37 NVD
4.6 (MEDIUM)
CVE Published
Jun 04, 2026 - 00:00 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface.

AnalysisAI

Plaintext credential exposure in GNCC GP5 v7.1.76 allows physically-proximate attackers to capture wireless network credentials by monitoring the device's serial UART interface during routine operations. The device transmits sensitive wireless network information - including network credentials - in cleartext to the serial console, making them trivially readable by anyone with physical access and a UART adapter. No public exploit is identified at time of analysis and no active exploitation is confirmed; however, a researcher-published IoT vulnerability disclosure exists on GitHub detailing the finding.

Technical ContextAI

The GNCC GP5 is an IoT device (firmware v7.1.76) that exposes a serial UART (Universal Asynchronous Receiver-Transmitter) debug/console interface. CWE-256 (Plaintext Storage of a Password) describes the root cause: the device fails to protect sensitive credentials at rest or in transit on the serial bus, instead logging or printing them in cleartext during normal operational routines. UART interfaces are commonly present on embedded and IoT hardware for debugging purposes and are accessible via physical header pins on the PCB. No formal CPE identifier has been assigned (CPE listed as n/a), indicating the product is not yet catalogued in the NVD product dictionary, which may affect automated vulnerability management tooling.

RemediationAI

No vendor-released patch or firmware version is identified at time of analysis. The vendor domains (http://gncc.com, http://gp5.com) should be consulted for firmware updates; if a patched firmware is released, upgrade immediately and rotate any wireless network credentials that may have been exposed. As a compensating control, disable or physically obstruct the UART interface on deployed devices - this typically involves desoldering header pins or applying epoxy to UART pads, which may void warranty and complicate future firmware updates. Network-level miigation: rotate the wireless credentials associated with any device that has been accessible to untrusted individuals, and isolate GP5 devices onto a dedicated VLAN to limit the blast radius of credential theft. Restrict physical access to devices through locked enclosures or secured installations. These controls reduce exploitability but do not remediate the underlying plaintext logging behavior.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Share

EUVD-2026-34277 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy