Auth bypass in Evbee Dc-80

CVE-2026-22096

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints.

Vulnerability class: Broken Authentication

Affected products

Weakness classification (CWE)

References