CVE-2026-36612
MEDIUMMercusys AC12G (EU) V1 Firmware AC12G(EU)_V1_200909 - Weak WPS Lockout Policy
Title source: llmDescription
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 10 attempts).
References (1)
Core 1
Scores
CVSS v3
6.4
EPSS
0.0014
EPSS Percentile
3.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1188
CWE-307
Status
published
Published
Jun 03, 2026
Tracked Since
Jun 03, 2026