CVE-2026-24346

CRITICAL

EZCast Pro II <1.17478.146 - Info Disclosure

Title source: llm

Description

Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application

References (1)

[Third Party Advisory] https://hub.ntc.swiss/ntcf-2025-13993

Scores

CVSS v3 9.1

EPSS 0.0004

EPSS Percentile 10.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-798

Status published

Products (1)

nimbletech/ezcast_pro_dongle_ii_firmware 1.17478.146

Published Jan 27, 2026

Tracked Since Feb 18, 2026