Vulnerability intelligence

CVE-2026-7786

Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services.

CVSS Score

9.8

Critical

EPSS — Exploit Probability

0.1%

Riskier than 17% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

unknown

Check vendor advisories

NVD entry PoC / advisory

1 article across 1 outlet · first covered Jun 3, 2026 · latest Jun 3, 2026

Coverage timeline

USR W610 flaw (CVE-2026-7786) lets attackers hijack converters
securityonline.info · Jun 3, 2026