T5008 Firmware

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-24498 HIGH This Week

Multiple IpTIME router firmware versions (T5008, AX2004M, AX3000Q, AX6000M) through 15.26.8 contain an authentication bypass vulnerability that exposes sensitive information to unauthenticated remote attackers. An attacker can leverage this flaw to access confidential device data without valid credentials. No patch is currently available for affected devices.

Authentication Bypass Information Disclosure T5008 Firmware Ax3000q Firmware Ax2004m Firmware +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-55423 CRITICAL POC Act Now

Multiple ipTIME router models have a command injection vulnerability in the upnp_relay() function, allowing remote attackers to execute arbitrary OS commands through crafted UPnP requests.

Command Injection A104 Firmware A604mu Firmware Ax2004 Firmware N2plus I Firmware +159
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2026-24498
EPSS 0% CVSS 7.5
HIGH This Week

Multiple IpTIME router firmware versions (T5008, AX2004M, AX3000Q, AX6000M) through 15.26.8 contain an authentication bypass vulnerability that exposes sensitive information to unauthenticated remote attackers. An attacker can leverage this flaw to access confidential device data without valid credentials. No patch is currently available for affected devices.

Authentication Bypass Information Disclosure T5008 Firmware +3
NVD VulDB
CVE-2025-55423
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Multiple ipTIME router models have a command injection vulnerability in the upnp_relay() function, allowing remote attackers to execute arbitrary OS commands through crafted UPnP requests.

Command Injection A104 Firmware A604mu Firmware +161
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy