PT-2026-44402 · Sdmc · Ne6037
Ivan Racic +1 · Published 2026-05-28 · Updated 2026-05-28 · CVE-2026-24444
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
SDMC NE6037 version 7.1.6.0.25
SDMC NE6037 version 7.1.6.1.9 B9
Description
The web management interface recovery endpoints "mgmt.php" and "npcmd.php" contain a hardcoded password. Unauthenticated attackers can gain root access by submitting these hardcoded credentials to the recovery endpoints via HTTP. This access allows attackers to enable filtered SSH and Telnet services, resulting in unauthenticated root-level remote access to the underlying system.
Recommendations
Update version 7.1.6.0.25 to a newer version that removes the hardcoded credentials.
Update version 7.1.6.1.9 B9 to a newer version that removes the hardcoded credentials.
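Until an update is installed, requests to the two recovery endpoints named in the description can be reviewed in web or proxy logs. The following is an added example, not code from the advisory or the vendor; it assumes Common/Combined Log Format lines, and the sample log lines and the management network are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Recovery endpoints named in the advisory description.
RECOVERY_ENDPOINTS = {"mgmt.php", "npcmd.php"}

# Assumption: Common/Combined Log Format lines from a proxy or sensor.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})\b'
)

# Constructed sample lines (documentation and private address ranges).
SAMPLE_LOG = [
    '203.0.113.45 - - [28/May/2026:10:14:02 +0000] "POST /mgmt.php HTTP/1.1" 200 312',
    '192.168.1.10 - - [28/May/2026:10:15:40 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '203.0.113.45 - - [28/May/2026:10:14:09 +0000] "POST /npcmd.php HTTP/1.1" 200 87',
    '192.168.1.10 - - [28/May/2026:10:20:11 +0000] "POST /mgmt.php HTTP/1.1" 200 312',
    '198.51.100.7 - - [28/May/2026:11:02:55 +0000] "GET /NPCMD.php HTTP/1.1" 404 0',
]

def recovery_hits(lines, mgmt_networks=()):
    """Map source -> [(time, method, endpoint, status)] for requests to the
    recovery endpoints that did not come from an allowed management network."""
    allowed = [ipaddress.ip_network(n) for n in mgmt_networks]
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        # Normalise: drop the query, decode %xx, keep the last path segment.
        path = unquote(urlsplit(m["target"]).path)
        endpoint = path.rsplit("/", 1)[-1].lower()
        if endpoint not in RECOVERY_ENDPOINTS:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
            if any(src in net for net in allowed):
                continue
        except ValueError:
            pass  # non-IP source field: cannot be allow-listed, so report it
        hits[m["src"]].append((m["ts"], m["method"], endpoint, int(m["status"])))
    return dict(hits)

if __name__ == "__main__":
    for src, events in recovery_hits(SAMPLE_LOG, ["192.168.1.0/24"]).items():
        print(src, events)
```

A hit shows only that a request reached a recovery endpoint from an unexpected source; it does not show whether the hardcoded credentials were submitted or accepted.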
Exploit
Fix
Using Hardcoded Credentials
Affected Products
Ne6037