Vulnerability intelligence

CVE-2026-35075

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.

CVSS Score

9.8

Critical

EPSS — Exploit Probability

0.1%

Riskier than 29% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

Patch available

Vendor fix published

NVD entry Vendor patch PoC / advisory

1 article across 1 outlet · first covered Jun 10, 2026 · latest Jun 10, 2026

Coverage timeline

Critical flaws in MBS GmbH gateway let attackers gain root access
securityonline.info · Jun 10, 2026