CVE-2026-27846

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linksys MR9600 version 1.0.4.205530 Linksys MX4200 version 1.0.13.210200

Description A lack of proper authentication allows a user with physical access to the device to misuse the mesh functionality. This can lead to gaining access to sensitive information, including the administrator password for the web interface and Wi-Fi passwords.

Recommendations Update Linksys MR9600 to a version newer than 1.0.4.205530. Update Linksys MX4200 to a version newer than 1.0.13.210200.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2026-27846

Affected Products

Linksys Mr9600

Linksys Mx4200

CVE-2026-27846

Weakness Enumeration

Related Identifiers

Affected Products

References · 5