Donald Warren - Security Researcher - Exploit Intelligence Platform

CVE-2026-36738 WRITEUP MEDIUM WRITEUP

U-SPEED AC1200 T18-21K V1.0 - Incorrect Access Control

U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain unrestricted access to device functionality.

CVSS 6.8

View Code

CVE-2026-36741 WRITEUP HIGH WRITEUP

U-SPEED AC1200 T18-21K V1.0 - Command Injection

U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands through crafted input fields. These commands are executed with elevated privileges, leading to potential full system compromise.

CVSS 7.2

View Code

CVE-2026-36742 WRITEUP MEDIUM WRITEUP

Hiseeu C90 v5.7.15 - Insecure Permissions

Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode).

CVSS 6.8

View Code

CVE-2026-36738 WRITEUP MEDIUM WRITEUP

U-SPEED AC1200 T18-21K V1.0 - Incorrect Access Control

U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain unrestricted access to device functionality.

CVSS 6.8

View Code

CVE-2026-36741 WRITEUP HIGH WRITEUP

U-SPEED AC1200 T18-21K V1.0 - Command Injection

U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands through crafted input fields. These commands are executed with elevated privileges, leading to potential full system compromise.

CVSS 7.2

View Code

CVE-2026-36742 WRITEUP MEDIUM WRITEUP

Hiseeu C90 v5.7.15 - Insecure Permissions

Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode).

CVSS 6.8

View Code