CVE-2026-36738

MEDIUM

U-SPEED AC1200 T18-21K V1.0 - Incorrect Access Control

Title source: llm
STIX 2.1

Description

U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain unrestricted access to device functionality.

References (2)

Core 2

Scores

CVSS v3 6.8
EPSS 0.0020
EPSS Percentile 10.1%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-284
Status published
Published May 13, 2026
Tracked Since May 13, 2026