CRITICAL🇵🇱 Wersja polska

CVE-2026-6274

CVSS 9.8v3.1pub. 2026-06-05upd. 2026-06-08

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8.

🤖 AI Analysis
How it works

The vulnerability results from improper authentication implementation (CWE-287), lack of authentication requirement for critical functions (CWE-306), and weak identity verification mechanisms (CWE-1390). An attacker can remotely access device functions that should be protected by access control lists (ACL) without possessing an account or any form of authentication. The vulnerability is exploitable over the network without user interaction and without required privileges.

Impact

An attacker can take control of the device, gaining full access to protected administrative functions, leading to a breach of confidentiality, integrity, and system availability.

Mitigation & patch

The Redline WR3200 device firmware should be updated to version 7.1.8 or newer. Until the patch is applied, it is recommended to restrict access to the device management interface exclusively to trusted networks or hosts (e.g., through firewall or network segmentation).

Who is affected

DTS Electronics Redline WR3200 in versions from 7.1.3 (inclusive) to 7.1.8 (exclusive).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References