CVE-2026-24498

MEDIUM EPSS 32.8%
Published Feb 27, 20264mo ago · Modified Jun 17, 20262w ago
6.0 CVSS 4.0
Medium
Find Similar
Published Feb 27, 2026 4mo ago
Last Modified Jun 17, 2026 2w ago

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.

CVSS Details

Base Score
6.0
Exploitability
Impact
Vector string
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
32.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 8

VendorProductVersionRange
iptimet5008_firmware* <15.27.2
iptimet5008*any
iptimeax2004m_firmware* <15.27.2
iptimeax2004m*any
iptimeax3000q_firmware* <15.27.2
iptimeax3000q*any
iptimeax6000m_firmware* <15.27.2
iptimeax6000m*any

References 2

  • iptime.com https://iptime.com/iptime/?page_id=126&dffid=1&dfsid=15&dftid=589&uid=26901&mod=document
    Release Notes
  • boho.or.kr https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71987
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.