Basic Mk2 Firmware

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-26342 CRITICAL POC Act Now

Persistent authentication token in Tattile ANPR cameras firmware 1.181.5 and prior. Authentication tokens never expire, enabling indefinite session reuse. PoC available.

Authentication Bypass Vega33 Firmware Basic Mk2 Firmware Axle Counter Firmware Vega53 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-26341 CRITICAL POC Act Now

Default credentials in Tattile Smart+, Vega, and Basic ANPR camera families firmware 1.181.5 and prior. License plate recognition cameras ship with known default credentials. PoC available.

Authentication Bypass Vega11 Firmware Axle Counter Firmware Vega33 Firmware Anpr Mobile Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-26340 HIGH POC This Week

Unauthenticated RTSP stream access in multiple Tattile and Vega firmware versions allows remote attackers to view live video and audio feeds without credentials, exposing surveillance data across affected devices. Public exploit code exists for this vulnerability, which impacts Axle Counter, Vega11, Vega53, Vega33, and Anpr Mobile firmware lineups version 1.181.5 and earlier. No patch is currently available for this high-severity issue.

Authentication Bypass Axle Counter Firmware Vega11 Firmware Vega53 Firmware Anpr Mobile Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-26342
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Persistent authentication token in Tattile ANPR cameras firmware 1.181.5 and prior. Authentication tokens never expire, enabling indefinite session reuse. PoC available.

Authentication Bypass Vega33 Firmware Basic Mk2 Firmware +4
NVD
CVE-2026-26341
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Default credentials in Tattile Smart+, Vega, and Basic ANPR camera families firmware 1.181.5 and prior. License plate recognition cameras ship with known default credentials. PoC available.

Authentication Bypass Vega11 Firmware Axle Counter Firmware +4
NVD
CVE-2026-26340
EPSS 1% CVSS 7.5
HIGH POC This Week

Unauthenticated RTSP stream access in multiple Tattile and Vega firmware versions allows remote attackers to view live video and audio feeds without credentials, exposing surveillance data across affected devices. Public exploit code exists for this vulnerability, which impacts Axle Counter, Vega11, Vega53, Vega33, and Anpr Mobile firmware lineups version 1.181.5 and earlier. No patch is currently available for this high-severity issue.

Authentication Bypass Axle Counter Firmware Vega11 Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy