Acer Connect M6e 5g Portable Wifi Router
26 CVEs affecting Acer Connect M6e 5g Portable Wifi Router. Latest disclosed: 2026-06-04. Critical: 6, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-50211 | Critical | 9.8 | 2026-06-04 | Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRA… |
CVE-2026-49191 | Critical | 9.8 | 2026-06-04 | The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. |
CVE-2026-49188 | Critical | 9.8 | 2026-06-04 | The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitra… |
CVE-2026-49186 | Critical | 9.8 | 2026-06-04 | The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enume… |
CVE-2026-49185 | Critical | 9.8 | 2026-06-04 | The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection. |
CVE-2026-50208 | Critical | 9.4 | 2026-06-04 | High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM… |
CVE-2026-49194 | High | 8.8 | 2026-06-04 | The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interfa… |
CVE-2026-49190 | High | 8.8 | 2026-06-04 | The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or c… |
CVE-2026-49202 | High | 8.6 | 2026-06-04 | Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-si… |
CVE-2026-49203 | High | 8.3 | 2026-06-04 | Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted. |
CVE-2026-50205 | High | 8.2 | 2026-06-04 | System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data. |
CVE-2026-50209 | High | 7.8 | 2026-06-04 | Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to… |
CVE-2026-50207 | High | 7.8 | 2026-06-04 | The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connecti… |
CVE-2026-49189 | High | 7.8 | 2026-06-04 | Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations. |
CVE-2026-50213 | High | 7.5 | 2026-06-04 | The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification… |
CVE-2026-50210 | High | 7.5 | 2026-06-04 | The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryp… |
CVE-2026-49193 | High | 7.5 | 2026-06-04 | Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet. |
CVE-2026-49187 | High | 7.5 | 2026-06-04 | The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse. |
CVE-2026-50206 | Medium | 6.8 | 2026-06-04 | Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files. |
CVE-2026-50212 | Medium | 6.5 | 2026-06-04 | Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of se… |